public CuratorFrameworkImpl(CuratorFrameworkFactory.Builder builder)
{
IZookeeperFactory localZookeeperFactory = makeZookeeperFactory(builder.GetZookeeperFactory());
this.client = new CuratorZookeeperClient(localZookeeperFactory,
builder.GetEnsembleProvider(),
builder.GetSessionTimeoutMs(),
builder.GetConnectionTimeoutMs(),
new WatchedWatcher(this),
builder.GetRetryPolicy(),
builder.CanBeReadOnly());
listeners = new ListenerContainer <ICuratorListener>();
unhandledErrorListeners = new ListenerContainer <IUnhandledErrorListener>();
backgroundOperations = new DelayQueue <OperationAndData <object> >();
@namespace = new NamespaceImpl(this, builder.GetNamespace());
maxCloseWaitMs = builder.GetMaxCloseWaitMs();
connectionStateManager = new ConnectionStateManager(this, builder.GetEventQueueSize());
compressionProvider = builder.GetCompressionProvider();
aclProvider = builder.GetAclProvider();
state = new AtomicReference <CuratorFrameworkState>(CuratorFrameworkState.LATENT);
useContainerParentsIfAvailable = builder.UseContainerParentsIfAvailable();
byte[] builderDefaultData = builder.GetDefaultData();
byte[] destDefaults = new byte[builderDefaultData.Length];
Array.Copy(builderDefaultData, destDefaults, builderDefaultData.Length);
defaultData = (builderDefaultData != null)
? destDefaults
: new byte[0];
authInfos = buildAuths(builder);
failedDeleteManager = new FailedDeleteManager(this);
namespaceWatcherMap = new NamespaceWatcherMap(this);
namespaceFacadeCache = new NamespaceFacadeCache(this);
}
/// <summary>Apply the security environment to this curator instance.</summary>
/// <remarks>
/// Apply the security environment to this curator instance. This
/// may include setting up the ZK system properties for SASL
/// </remarks>
/// <param name="builder">curator builder</param>
public virtual void ApplySecurityEnvironment(CuratorFrameworkFactory.Builder builder
)
{
if (IsSecureRegistry())
{
switch (access)
{
case RegistrySecurity.AccessPolicy.anon:
{
ClearZKSaslClientProperties();
break;
}
case RegistrySecurity.AccessPolicy.digest:
{
// no SASL
ClearZKSaslClientProperties();
builder.Authorization(SchemeDigest, digestAuthData);
break;
}
case RegistrySecurity.AccessPolicy.sasl:
{
// bind to the current identity and context within the JAAS file
SetZKSaslClientProperties(jaasClientIdentity, jaasClientContext);
break;
}
}
}
}
private List <AuthInfo> BuildAuths(CuratorFrameworkFactory.Builder builder)
{
List <AuthInfo> builder1 = new List <AuthInfo>();
if (builder.GetAuthInfos() != null)
{
builder1.AddRange(builder.GetAuthInfos());
}
return(builder1);
}
/// <summary>
/// Create a new curator instance off the root path; using configuration
/// options provided in the service configuration to set timeouts and
/// retry policy.
/// </summary>
/// <returns>the newly created creator</returns>
/// <exception cref="System.IO.IOException"/>
private CuratorFramework CreateCurator()
{
Configuration conf = GetConfig();
CreateEnsembleProvider();
int sessionTimeout = conf.GetInt(KeyRegistryZkSessionTimeout, DefaultZkSessionTimeout
);
int connectionTimeout = conf.GetInt(KeyRegistryZkConnectionTimeout, DefaultZkConnectionTimeout
);
int retryTimes = conf.GetInt(KeyRegistryZkRetryTimes, DefaultZkRetryTimes);
int retryInterval = conf.GetInt(KeyRegistryZkRetryInterval, DefaultZkRetryInterval
);
int retryCeiling = conf.GetInt(KeyRegistryZkRetryCeiling, DefaultZkRetryCeiling);
if (Log.IsDebugEnabled())
{
Log.Debug("Creating CuratorService with connection {}", connectionDescription);
}
CuratorFramework framework;
lock (typeof(Org.Apache.Hadoop.Registry.Client.Impl.ZK.CuratorService))
{
// set the security options
// build up the curator itself
CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.Builder();
builder.EnsembleProvider(ensembleProvider).ConnectionTimeoutMs(connectionTimeout)
.SessionTimeoutMs(sessionTimeout).RetryPolicy(new BoundedExponentialBackoffRetry
(retryInterval, retryCeiling, retryTimes));
// set up the builder AND any JVM context
registrySecurity.ApplySecurityEnvironment(builder);
//log them
securityConnectionDiagnostics = BuildSecurityDiagnostics();
framework = builder.Build();
framework.Start();
}
return(framework);
}
public CuratorTempFrameworkImpl(CuratorFrameworkFactory.Builder factory, long inactiveThresholdMs)
{
this.factory = factory;
this.inactiveThresholdMs = inactiveThresholdMs;
}
public CuratorTempFrameworkImpl(CuratorFrameworkFactory.Builder factory, long inactiveThresholdMs)
{
this.factory = factory;
this.inactiveThresholdMs = inactiveThresholdMs;
}
public ZKDelegationTokenSecretManager(Configuration conf)
: base(conf.GetLong(DelegationTokenManager.UpdateInterval, DelegationTokenManager
.UpdateIntervalDefault) * 1000, conf.GetLong(DelegationTokenManager.MaxLifetime,
DelegationTokenManager.MaxLifetimeDefault) * 1000, conf.GetLong(DelegationTokenManager
.RenewInterval, DelegationTokenManager.RenewIntervalDefault * 1000), conf.GetLong
(DelegationTokenManager.RemovalScanInterval, DelegationTokenManager.RemovalScanIntervalDefault
) * 1000)
{
shutdownTimeout = conf.GetLong(ZkDtsmZkShutdownTimeout, ZkDtsmZkShutdownTimeoutDefault
);
if (CuratorTl.Get() != null)
{
zkClient = CuratorTl.Get().UsingNamespace(conf.Get(ZkDtsmZnodeWorkingPath, ZkDtsmZnodeWorkingPathDeafult
) + "/" + ZkDtsmNamespace);
isExternalClient = true;
}
else
{
string connString = conf.Get(ZkDtsmZkConnectionString);
Preconditions.CheckNotNull(connString, "Zookeeper connection string cannot be null"
);
string authType = conf.Get(ZkDtsmZkAuthType);
// AuthType has to be explicitly set to 'none' or 'sasl'
Preconditions.CheckNotNull(authType, "Zookeeper authType cannot be null !!");
Preconditions.CheckArgument(authType.Equals("sasl") || authType.Equals("none"), "Zookeeper authType must be one of [none, sasl]"
);
CuratorFrameworkFactory.Builder builder = null;
try
{
ACLProvider aclProvider = null;
if (authType.Equals("sasl"))
{
Log.Info("Connecting to ZooKeeper with SASL/Kerberos" + "and using 'sasl' ACLs");
string principal = SetJaasConfiguration(conf);
Runtime.SetProperty(ZooKeeperSaslClient.LoginContextNameKey, JaasLoginEntryName);
Runtime.SetProperty("zookeeper.authProvider.1", "org.apache.zookeeper.server.auth.SASLAuthenticationProvider"
);
aclProvider = new ZKDelegationTokenSecretManager.SASLOwnerACLProvider(principal);
}
else
{
// "none"
Log.Info("Connecting to ZooKeeper without authentication");
aclProvider = new DefaultACLProvider();
}
// open to everyone
int sessionT = conf.GetInt(ZkDtsmZkSessionTimeout, ZkDtsmZkSessionTimeoutDefault);
int numRetries = conf.GetInt(ZkDtsmZkNumRetries, ZkDtsmZkNumRetriesDefault);
builder = CuratorFrameworkFactory.Builder().AclProvider(aclProvider).Namespace(conf
.Get(ZkDtsmZnodeWorkingPath, ZkDtsmZnodeWorkingPathDeafult) + "/" + ZkDtsmNamespace
).SessionTimeoutMs(sessionT).ConnectionTimeoutMs(conf.GetInt(ZkDtsmZkConnectionTimeout
, ZkDtsmZkConnectionTimeoutDefault)).RetryPolicy(new RetryNTimes(numRetries, sessionT
/ numRetries));
}
catch (Exception)
{
throw new RuntimeException("Could not Load ZK acls or auth");
}
zkClient = builder.EnsembleProvider(new FixedEnsembleProvider(connString)).Build(
);
isExternalClient = false;
}
}
