public CuratorFrameworkImpl(CuratorFrameworkFactory.Builder builder) { IZookeeperFactory localZookeeperFactory = makeZookeeperFactory(builder.GetZookeeperFactory()); this.client = new CuratorZookeeperClient(localZookeeperFactory, builder.GetEnsembleProvider(), builder.GetSessionTimeoutMs(), builder.GetConnectionTimeoutMs(), new WatchedWatcher(this), builder.GetRetryPolicy(), builder.CanBeReadOnly()); listeners = new ListenerContainer <ICuratorListener>(); unhandledErrorListeners = new ListenerContainer <IUnhandledErrorListener>(); backgroundOperations = new DelayQueue <OperationAndData <object> >(); @namespace = new NamespaceImpl(this, builder.GetNamespace()); maxCloseWaitMs = builder.GetMaxCloseWaitMs(); connectionStateManager = new ConnectionStateManager(this, builder.GetEventQueueSize()); compressionProvider = builder.GetCompressionProvider(); aclProvider = builder.GetAclProvider(); state = new AtomicReference <CuratorFrameworkState>(CuratorFrameworkState.LATENT); useContainerParentsIfAvailable = builder.UseContainerParentsIfAvailable(); byte[] builderDefaultData = builder.GetDefaultData(); byte[] destDefaults = new byte[builderDefaultData.Length]; Array.Copy(builderDefaultData, destDefaults, builderDefaultData.Length); defaultData = (builderDefaultData != null) ? destDefaults : new byte[0]; authInfos = buildAuths(builder); failedDeleteManager = new FailedDeleteManager(this); namespaceWatcherMap = new NamespaceWatcherMap(this); namespaceFacadeCache = new NamespaceFacadeCache(this); }
/// <summary>Apply the security environment to this curator instance.</summary> /// <remarks> /// Apply the security environment to this curator instance. This /// may include setting up the ZK system properties for SASL /// </remarks> /// <param name="builder">curator builder</param> public virtual void ApplySecurityEnvironment(CuratorFrameworkFactory.Builder builder ) { if (IsSecureRegistry()) { switch (access) { case RegistrySecurity.AccessPolicy.anon: { ClearZKSaslClientProperties(); break; } case RegistrySecurity.AccessPolicy.digest: { // no SASL ClearZKSaslClientProperties(); builder.Authorization(SchemeDigest, digestAuthData); break; } case RegistrySecurity.AccessPolicy.sasl: { // bind to the current identity and context within the JAAS file SetZKSaslClientProperties(jaasClientIdentity, jaasClientContext); break; } } } }
private List <AuthInfo> BuildAuths(CuratorFrameworkFactory.Builder builder) { List <AuthInfo> builder1 = new List <AuthInfo>(); if (builder.GetAuthInfos() != null) { builder1.AddRange(builder.GetAuthInfos()); } return(builder1); }
/// <summary> /// Create a new curator instance off the root path; using configuration /// options provided in the service configuration to set timeouts and /// retry policy. /// </summary> /// <returns>the newly created creator</returns> /// <exception cref="System.IO.IOException"/> private CuratorFramework CreateCurator() { Configuration conf = GetConfig(); CreateEnsembleProvider(); int sessionTimeout = conf.GetInt(KeyRegistryZkSessionTimeout, DefaultZkSessionTimeout ); int connectionTimeout = conf.GetInt(KeyRegistryZkConnectionTimeout, DefaultZkConnectionTimeout ); int retryTimes = conf.GetInt(KeyRegistryZkRetryTimes, DefaultZkRetryTimes); int retryInterval = conf.GetInt(KeyRegistryZkRetryInterval, DefaultZkRetryInterval ); int retryCeiling = conf.GetInt(KeyRegistryZkRetryCeiling, DefaultZkRetryCeiling); if (Log.IsDebugEnabled()) { Log.Debug("Creating CuratorService with connection {}", connectionDescription); } CuratorFramework framework; lock (typeof(Org.Apache.Hadoop.Registry.Client.Impl.ZK.CuratorService)) { // set the security options // build up the curator itself CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.Builder(); builder.EnsembleProvider(ensembleProvider).ConnectionTimeoutMs(connectionTimeout) .SessionTimeoutMs(sessionTimeout).RetryPolicy(new BoundedExponentialBackoffRetry (retryInterval, retryCeiling, retryTimes)); // set up the builder AND any JVM context registrySecurity.ApplySecurityEnvironment(builder); //log them securityConnectionDiagnostics = BuildSecurityDiagnostics(); framework = builder.Build(); framework.Start(); } return(framework); }
public CuratorTempFrameworkImpl(CuratorFrameworkFactory.Builder factory, long inactiveThresholdMs) { this.factory = factory; this.inactiveThresholdMs = inactiveThresholdMs; }
public CuratorTempFrameworkImpl(CuratorFrameworkFactory.Builder factory, long inactiveThresholdMs) { this.factory = factory; this.inactiveThresholdMs = inactiveThresholdMs; }
public ZKDelegationTokenSecretManager(Configuration conf) : base(conf.GetLong(DelegationTokenManager.UpdateInterval, DelegationTokenManager .UpdateIntervalDefault) * 1000, conf.GetLong(DelegationTokenManager.MaxLifetime, DelegationTokenManager.MaxLifetimeDefault) * 1000, conf.GetLong(DelegationTokenManager .RenewInterval, DelegationTokenManager.RenewIntervalDefault * 1000), conf.GetLong (DelegationTokenManager.RemovalScanInterval, DelegationTokenManager.RemovalScanIntervalDefault ) * 1000) { shutdownTimeout = conf.GetLong(ZkDtsmZkShutdownTimeout, ZkDtsmZkShutdownTimeoutDefault ); if (CuratorTl.Get() != null) { zkClient = CuratorTl.Get().UsingNamespace(conf.Get(ZkDtsmZnodeWorkingPath, ZkDtsmZnodeWorkingPathDeafult ) + "/" + ZkDtsmNamespace); isExternalClient = true; } else { string connString = conf.Get(ZkDtsmZkConnectionString); Preconditions.CheckNotNull(connString, "Zookeeper connection string cannot be null" ); string authType = conf.Get(ZkDtsmZkAuthType); // AuthType has to be explicitly set to 'none' or 'sasl' Preconditions.CheckNotNull(authType, "Zookeeper authType cannot be null !!"); Preconditions.CheckArgument(authType.Equals("sasl") || authType.Equals("none"), "Zookeeper authType must be one of [none, sasl]" ); CuratorFrameworkFactory.Builder builder = null; try { ACLProvider aclProvider = null; if (authType.Equals("sasl")) { Log.Info("Connecting to ZooKeeper with SASL/Kerberos" + "and using 'sasl' ACLs"); string principal = SetJaasConfiguration(conf); Runtime.SetProperty(ZooKeeperSaslClient.LoginContextNameKey, JaasLoginEntryName); Runtime.SetProperty("zookeeper.authProvider.1", "org.apache.zookeeper.server.auth.SASLAuthenticationProvider" ); aclProvider = new ZKDelegationTokenSecretManager.SASLOwnerACLProvider(principal); } else { // "none" Log.Info("Connecting to ZooKeeper without authentication"); aclProvider = new DefaultACLProvider(); } // open to everyone int sessionT = conf.GetInt(ZkDtsmZkSessionTimeout, ZkDtsmZkSessionTimeoutDefault); int numRetries = conf.GetInt(ZkDtsmZkNumRetries, ZkDtsmZkNumRetriesDefault); builder = CuratorFrameworkFactory.Builder().AclProvider(aclProvider).Namespace(conf .Get(ZkDtsmZnodeWorkingPath, ZkDtsmZnodeWorkingPathDeafult) + "/" + ZkDtsmNamespace ).SessionTimeoutMs(sessionT).ConnectionTimeoutMs(conf.GetInt(ZkDtsmZkConnectionTimeout , ZkDtsmZkConnectionTimeoutDefault)).RetryPolicy(new RetryNTimes(numRetries, sessionT / numRetries)); } catch (Exception) { throw new RuntimeException("Could not Load ZK acls or auth"); } zkClient = builder.EnsembleProvider(new FixedEnsembleProvider(connString)).Build( ); isExternalClient = false; } }