public virtual void SetUp() { config = new HdfsConfiguration(); config.SetBoolean(DFSConfigKeys.DfsWebhdfsEnabledKey, true); config.SetLong(DFSConfigKeys.DfsNamenodeDelegationTokenMaxLifetimeKey, 10000); config.SetLong(DFSConfigKeys.DfsNamenodeDelegationTokenRenewIntervalKey, 5000); config.SetBoolean(DFSConfigKeys.DfsNamenodeDelegationTokenAlwaysUseKey, true); config.Set("hadoop.security.auth_to_local", "RULE:[2:$1@$0](JobTracker@.*FOO.COM)s/@.*//" + "DEFAULT"); FileSystem.SetDefaultUri(config, "hdfs://localhost:" + "0"); cluster = new MiniDFSCluster.Builder(config).NumDataNodes(0).Build(); cluster.WaitActive(); dtSecretManager = NameNodeAdapter.GetDtSecretManager(cluster.GetNamesystem()); }
public virtual void SetupCluster() { SecurityUtilTestHelper.SetTokenServiceUseIp(true); conf.SetBoolean(DFSConfigKeys.DfsNamenodeDelegationTokenAlwaysUseKey, true); conf.Set(CommonConfigurationKeysPublic.HadoopSecurityAuthToLocal, "RULE:[2:$1@$0](JobTracker@.*FOO.COM)s/@.*//" + "DEFAULT"); cluster = new MiniDFSCluster.Builder(conf).NnTopology(MiniDFSNNTopology.SimpleHATopology ()).NumDataNodes(0).Build(); cluster.WaitActive(); string logicalName = HATestUtil.GetLogicalHostname(cluster); HATestUtil.SetFailoverConfigurations(cluster, conf, logicalName, 0); nn0 = cluster.GetNameNode(0); nn1 = cluster.GetNameNode(1); fs = HATestUtil.ConfigureFailoverFs(cluster, conf); dfs = (DistributedFileSystem)fs; cluster.TransitionToActive(0); dtSecretManager = NameNodeAdapter.GetDtSecretManager(nn0.GetNamesystem()); }
public virtual void TestDTManagerInSafeMode() { cluster.StartDataNodes(config, 1, true, HdfsServerConstants.StartupOption.Regular , null); FileSystem fs = cluster.GetFileSystem(); for (int i = 0; i < 5; i++) { DFSTestUtil.CreateFile(fs, new Path("/test-" + i), 100, (short)1, 1L); } cluster.GetConfiguration(0).SetInt(DFSConfigKeys.DfsNamenodeDelegationKeyUpdateIntervalKey , 500); cluster.GetConfiguration(0).SetInt(DFSConfigKeys.DfsNamenodeSafemodeExtensionKey, 30000); cluster.SetWaitSafeMode(false); cluster.RestartNameNode(); NameNode nn = cluster.GetNameNode(); NUnit.Framework.Assert.IsTrue(nn.IsInSafeMode()); DelegationTokenSecretManager sm = NameNodeAdapter.GetDtSecretManager(nn.GetNamesystem ()); NUnit.Framework.Assert.IsFalse("Secret manager should not run in safe mode", sm.IsRunning ()); NameNodeAdapter.LeaveSafeMode(nn); NUnit.Framework.Assert.IsTrue("Secret manager should start when safe mode is exited" , sm.IsRunning()); Log.Info("========= entering safemode again"); NameNodeAdapter.EnterSafeMode(nn, false); NUnit.Framework.Assert.IsFalse("Secret manager should stop again when safe mode " + "is manually entered", sm.IsRunning()); // Set the cluster to leave safemode quickly on its own. cluster.GetConfiguration(0).SetInt(DFSConfigKeys.DfsNamenodeSafemodeExtensionKey, 0); cluster.SetWaitSafeMode(true); cluster.RestartNameNode(); nn = cluster.GetNameNode(); sm = NameNodeAdapter.GetDtSecretManager(nn.GetNamesystem()); NUnit.Framework.Assert.IsFalse(nn.IsInSafeMode()); NUnit.Framework.Assert.IsTrue(sm.IsRunning()); }
/// <summary> /// Test if StandbyException can be thrown from StandbyNN, when it's requested for /// password. /// </summary> /// <remarks> /// Test if StandbyException can be thrown from StandbyNN, when it's requested for /// password. (HDFS-6475). With StandbyException, the client can failover to try /// activeNN. /// </remarks> /// <exception cref="System.Exception"/> public virtual void TestDelegationTokenStandbyNNAppearFirst() { // make nn0 the standby NN, and nn1 the active NN cluster.TransitionToStandby(0); cluster.TransitionToActive(1); DelegationTokenSecretManager stSecretManager = NameNodeAdapter.GetDtSecretManager (nn1.GetNamesystem()); // create token Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token = GetDelegationToken (fs, "JobTracker"); DelegationTokenIdentifier identifier = new DelegationTokenIdentifier(); byte[] tokenId = token.GetIdentifier(); identifier.ReadFields(new DataInputStream(new ByteArrayInputStream(tokenId))); NUnit.Framework.Assert.IsTrue(null != stSecretManager.RetrievePassword(identifier )); UserGroupInformation ugi = UserGroupInformation.CreateRemoteUser("JobTracker"); ugi.AddToken(token); ugi.DoAs(new _PrivilegedExceptionAction_406(identifier)); }
public static void SetUp() { Configuration conf = new Configuration(); conf.Set(MRConfig.FrameworkName, MRConfig.YarnFrameworkName); conf.Set(YarnConfiguration.RmPrincipal, "jt_id/" + SecurityUtil.HostnamePattern + "@APACHE.ORG"); MiniDFSCluster.Builder builder = new MiniDFSCluster.Builder(conf); builder.CheckExitOnShutdown(true); builder.NumDataNodes(numSlaves); builder.Format(true); builder.Racks(null); dfsCluster = builder.Build(); mrCluster = new MiniMRYarnCluster(typeof(TestBinaryTokenFile).FullName, noOfNMs); mrCluster.Init(conf); mrCluster.Start(); NameNodeAdapter.GetDtSecretManager(dfsCluster.GetNamesystem()).StartThreads(); FileSystem fs = dfsCluster.GetFileSystem(); p1 = new Path("file1"); p1 = fs.MakeQualified(p1); }
private bool IsDTRunning(NameNode nn) { return(NameNodeAdapter.GetDtSecretManager(nn.GetNamesystem()).IsRunning()); }