org.apache.hadoop.hbase.ipc.RpcServer Java Examples
The following examples show how to use
org.apache.hadoop.hbase.ipc.RpcServer.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: RangerAuthorizationCoprocessor.java From ranger with Apache License 2.0 | 6 votes |
private String getRemoteAddress() { InetAddress remoteAddr = null; try { remoteAddr = RpcServer.getRemoteAddress().get(); } catch (NoSuchElementException e) { LOG.info("Unable to get remote Address"); } if(remoteAddr == null) { remoteAddr = RpcServer.getRemoteIp(); } String strAddr = remoteAddr != null ? remoteAddr.getHostAddress() : null; return strAddr; }
Example #2
Source File: AbstractFSWAL.java From hbase with Apache License 2.0 | 6 votes |
protected final long stampSequenceIdAndPublishToRingBuffer(RegionInfo hri, WALKeyImpl key, WALEdit edits, boolean inMemstore, RingBuffer<RingBufferTruck> ringBuffer) throws IOException { if (this.closed) { throw new IOException( "Cannot append; log is closed, regionName = " + hri.getRegionNameAsString()); } MutableLong txidHolder = new MutableLong(); MultiVersionConcurrencyControl.WriteEntry we = key.getMvcc().begin(() -> { txidHolder.setValue(ringBuffer.next()); }); long txid = txidHolder.longValue(); ServerCall<?> rpcCall = RpcServer.getCurrentCall().filter(c -> c instanceof ServerCall) .filter(c -> c.getCellScanner() != null).map(c -> (ServerCall) c).orElse(null); try (TraceScope scope = TraceUtil.createTrace(implClassName + ".append")) { FSWALEntry entry = new FSWALEntry(txid, key, edits, hri, inMemstore, rpcCall); entry.stampRegionSequenceId(we); ringBuffer.get(txid).load(entry); } finally { ringBuffer.publish(txid); } return txid; }
Example #3
Source File: HMaster.java From hbase with Apache License 2.0 | 6 votes |
/** * @return Get remote side's InetAddress */ InetAddress getRemoteInetAddress(final int port, final long serverStartCode) throws UnknownHostException { // Do it out here in its own little method so can fake an address when // mocking up in tests. InetAddress ia = RpcServer.getRemoteIp(); // The call could be from the local regionserver, // in which case, there is no remote address. if (ia == null && serverStartCode == startcode) { InetSocketAddress isa = rpcServices.getSocketAddress(); if (isa != null && isa.getPort() == port) { ia = isa.getAddress(); } } return ia; }
Example #4
Source File: RegionServerRpcQuotaManager.java From hbase with Apache License 2.0 | 6 votes |
/** * Check the quota for the current (rpc-context) user. * Returns the OperationQuota used to get the available quota and * to report the data/usage of the operation. * @param region the region where the operation will be performed * @param numWrites number of writes to perform * @param numReads number of short-reads to perform * @param numScans number of scan to perform * @return the OperationQuota * @throws RpcThrottlingException if the operation cannot be executed due to quota exceeded. */ private OperationQuota checkQuota(final Region region, final int numWrites, final int numReads, final int numScans) throws IOException, RpcThrottlingException { Optional<User> user = RpcServer.getRequestUser(); UserGroupInformation ugi; if (user.isPresent()) { ugi = user.get().getUGI(); } else { ugi = User.getCurrent().getUGI(); } TableName table = region.getTableDescriptor().getTableName(); OperationQuota quota = getQuota(ugi, table); try { quota.checkQuota(numWrites, numReads, numScans); } catch (RpcThrottlingException e) { LOG.debug("Throttling exception for user=" + ugi.getUserName() + " table=" + table + " numWrites=" + numWrites + " numReads=" + numReads + " numScans=" + numScans + ": " + e.getMessage()); throw e; } return quota; }
Example #5
Source File: TestTokenAuthentication.java From hbase with Apache License 2.0 | 6 votes |
@Override public AuthenticationProtos.GetAuthenticationTokenResponse getAuthenticationToken( RpcController controller, AuthenticationProtos.GetAuthenticationTokenRequest request) throws ServiceException { LOG.debug("Authentication token request from " + RpcServer.getRequestUserName().orElse(null)); // Ignore above passed in controller -- it is always null ServerRpcController serverController = new ServerRpcController(); final BlockingRpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse> callback = new BlockingRpcCallback<>(); getAuthenticationToken(null, request, callback); try { serverController.checkFailed(); return callback.get(); } catch (IOException ioe) { throw new ServiceException(ioe); } }
Example #6
Source File: TestTokenAuthentication.java From hbase with Apache License 2.0 | 6 votes |
@Override public AuthenticationProtos.WhoAmIResponse whoAmI( RpcController controller, AuthenticationProtos.WhoAmIRequest request) throws ServiceException { LOG.debug("whoAmI() request from " + RpcServer.getRequestUserName().orElse(null)); // Ignore above passed in controller -- it is always null ServerRpcController serverController = new ServerRpcController(); BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse> callback = new BlockingRpcCallback<>(); whoAmI(null, request, callback); try { serverController.checkFailed(); return callback.get(); } catch (IOException ioe) { throw new ServiceException(ioe); } }
Example #7
Source File: TokenProvider.java From hbase with Apache License 2.0 | 6 votes |
@Override public void start(CoprocessorEnvironment env) { // if running at region if (env instanceof RegionCoprocessorEnvironment) { RegionCoprocessorEnvironment regionEnv = (RegionCoprocessorEnvironment)env; /* Getting the RpcServer from a RegionCE is wrong. There cannot be an expectation that Region is hosted inside a RegionServer. If you need RpcServer, then pass in a RegionServerCE. TODO: FIX. */ RegionServerServices rss = ((HasRegionServerServices)regionEnv).getRegionServerServices(); RpcServerInterface server = rss.getRpcServer(); SecretManager<?> mgr = ((RpcServer)server).getSecretManager(); if (mgr instanceof AuthenticationTokenSecretManager) { secretManager = (AuthenticationTokenSecretManager)mgr; } } }
Example #8
Source File: SIObserver.java From spliceengine with GNU Affero General Public License v3.0 | 6 votes |
protected void checkAccess() throws AccessDeniedException { if (!spliceTable) return; if (!UserGroupInformation.isSecurityEnabled()) return; User user = RpcServer.getRequestUser().get(); if (user == null || user.getShortName().equalsIgnoreCase("hbase")) return; if (RpcUtils.isAccessAllowed()) return; if (!authTokenEnabled && authManager.authorize(user, Permission.Action.ADMIN)) return; throw new AccessDeniedException("Insufficient permissions for user " + user.getShortName()); }
Example #9
Source File: TestSerialReplicationEndpoint.java From hbase with Apache License 2.0 | 5 votes |
@BeforeClass public static void setUp() throws Exception { UTIL.startMiniCluster(); CONF = UTIL.getConfiguration(); CONF.setLong(RpcServer.MAX_REQUEST_SIZE, 102400); CONN = UTIL.getConnection(); }
Example #10
Source File: ObserverContextImpl.java From hbase with Apache License 2.0 | 5 votes |
/** * Instantiates a new ObserverContext instance if the passed reference is <code>null</code> and * sets the environment in the new or existing instance. This allows deferring the instantiation * of a ObserverContext until it is actually needed. * @param <E> The environment type for the context * @param env The coprocessor environment to set * @return An instance of <code>ObserverContext</code> with the environment set */ @Deprecated @VisibleForTesting // TODO: Remove this method, ObserverContext should not depend on RpcServer public static <E extends CoprocessorEnvironment> ObserverContext<E> createAndPrepare(E env) { ObserverContextImpl<E> ctx = new ObserverContextImpl<>(RpcServer.getRequestUser().orElse(null)); ctx.prepare(env); return ctx; }
Example #11
Source File: ReplicateHRegionServer.java From DataLink with Apache License 2.0 | 5 votes |
private List<RpcServer.BlockingServiceAndInterface> getServices() { List<RpcServer.BlockingServiceAndInterface> bssi = new ArrayList<>(1); bssi.add(new RpcServer.BlockingServiceAndInterface( AdminProtos.AdminService.newReflectiveBlockingService(this), AdminProtos.AdminService.BlockingInterface.class)); return bssi; }
Example #12
Source File: MetaTableMetrics.java From hbase with Apache License 2.0 | 5 votes |
private void clientMetricRegisterAndMark() { // Mark client metric String clientIP = RpcServer.getRemoteIp() != null ? RpcServer.getRemoteIp().toString() : null; if (clientIP == null || clientIP.isEmpty()) { return; } String clientRequestMeter = clientRequestMeterName(clientIP); clientMetricsLossyCounting.add(clientRequestMeter); registerAndMarkMeter(clientRequestMeter); }
Example #13
Source File: MetricsUserAggregateImpl.java From hbase with Apache License 2.0 | 5 votes |
/** * Returns the active user to which authorization checks should be applied. * If we are in the context of an RPC call, the remote user is used, * otherwise the currently logged in user is used. */ private String getActiveUser() { Optional<User> user = RpcServer.getRequestUser(); if (!user.isPresent()) { // for non-rpc handling, fallback to system user try { user = Optional.of(userProvider.getCurrent()); } catch (IOException ignore) { } } return user.map(User::getShortName).orElse(null); }
Example #14
Source File: SecureBulkLoadManager.java From hbase with Apache License 2.0 | 5 votes |
private User getActiveUser() throws IOException { // for non-rpc handling, fallback to system user User user = RpcServer.getRequestUser().orElse(userProvider.getCurrent()); // this is for testing if (userProvider.isHadoopSecurityEnabled() && "simple".equalsIgnoreCase(conf.get(User.HBASE_SECURITY_CONF_KEY))) { return User.createUserForTesting(conf, user.getShortName(), new String[] {}); } return user; }
Example #15
Source File: SepConsumer.java From hbase-indexer with Apache License 2.0 | 5 votes |
private List<RpcServer.BlockingServiceAndInterface> getServices() { List<RpcServer.BlockingServiceAndInterface> bssi = new ArrayList<RpcServer.BlockingServiceAndInterface>(1); bssi.add(new RpcServer.BlockingServiceAndInterface( AdminProtos.AdminService.newReflectiveBlockingService(this), AdminProtos.AdminService.BlockingInterface.class)); return bssi; }
Example #16
Source File: RSRpcServices.java From hbase with Apache License 2.0 | 5 votes |
@Override public void logBatchWarning(String firstRegionName, int sum, int rowSizeWarnThreshold) { if (LOG.isWarnEnabled()) { LOG.warn("Large batch operation detected (greater than " + rowSizeWarnThreshold + ") (HBASE-18023)." + " Requested Number of Rows: " + sum + " Client: " + RpcServer.getRequestUserName().orElse(null) + "/" + RpcServer.getRemoteAddress().orElse(null) + " first region in multi=" + firstRegionName); } }
Example #17
Source File: RSRpcServices.java From hbase with Apache License 2.0 | 5 votes |
@Override @QosPriority(priority=HConstants.ADMIN_QOS) public ClearCompactionQueuesResponse clearCompactionQueues(RpcController controller, ClearCompactionQueuesRequest request) throws ServiceException { LOG.debug("Client=" + RpcServer.getRequestUserName().orElse(null) + "/" + RpcServer.getRemoteAddress().orElse(null) + " clear compactions queue"); ClearCompactionQueuesResponse.Builder respBuilder = ClearCompactionQueuesResponse.newBuilder(); requestCount.increment(); if (clearCompactionQueues.compareAndSet(false,true)) { try { checkOpen(); regionServer.getRegionServerCoprocessorHost().preClearCompactionQueues(); for (String queueName : request.getQueueNameList()) { LOG.debug("clear " + queueName + " compaction queue"); switch (queueName) { case "long": regionServer.compactSplitThread.clearLongCompactionsQueue(); break; case "short": regionServer.compactSplitThread.clearShortCompactionsQueue(); break; default: LOG.warn("Unknown queue name " + queueName); throw new IOException("Unknown queue name " + queueName); } } regionServer.getRegionServerCoprocessorHost().postClearCompactionQueues(); } catch (IOException ie) { throw new ServiceException(ie); } finally { clearCompactionQueues.set(false); } } else { LOG.warn("Clear compactions queue is executing by other admin."); } return respBuilder.build(); }
Example #18
Source File: PhoenixAccessController.java From phoenix with Apache License 2.0 | 5 votes |
private void logResult(AuthResult result) { if (AUDITLOG.isTraceEnabled()) { Optional<InetAddress> remoteAddr = RpcServer.getRemoteAddress(); AUDITLOG.trace("Access " + (result.isAllowed() ? "allowed" : "denied") + " for user " + (result.getUser() != null ? result.getUser().getShortName() : "UNKNOWN") + "; reason: " + result.getReason() + "; remote address: " + (remoteAddr.isPresent() ? remoteAddr.get() : "") + "; request: " + result.getRequest() + "; context: " + result.toContextString()); } }
Example #19
Source File: TestSecureIPC.java From hbase with Apache License 2.0 | 5 votes |
@Test public void testRpcFallbackToSimpleAuth() throws Exception { String clientUsername = "testuser"; UserGroupInformation clientUgi = UserGroupInformation.createUserForTesting(clientUsername, new String[] { clientUsername }); // check that the client user is insecure assertNotSame(ugi, clientUgi); assertEquals(AuthenticationMethod.SIMPLE, clientUgi.getAuthenticationMethod()); assertEquals(clientUsername, clientUgi.getUserName()); clientConf.set(User.HBASE_SECURITY_CONF_KEY, "simple"); serverConf.setBoolean(RpcServer.FALLBACK_TO_INSECURE_CLIENT_AUTH, true); callRpcService(User.create(clientUgi)); }
Example #20
Source File: TestSecureIPC.java From hbase with Apache License 2.0 | 5 votes |
/** * Sets up a RPC Server and a Client. Does a RPC checks the result. If an exception is thrown from * the stub, this function will throw root cause of that exception. */ private void callRpcService(User clientUser) throws Exception { SecurityInfo securityInfoMock = Mockito.mock(SecurityInfo.class); Mockito.when(securityInfoMock.getServerPrincipal()) .thenReturn(HBaseKerberosUtils.KRB_PRINCIPAL); SecurityInfo.addInfo("TestProtobufRpcProto", securityInfoMock); InetSocketAddress isa = new InetSocketAddress(HOST, 0); RpcServerInterface rpcServer = RpcServerFactory.createRpcServer(null, "AbstractTestSecureIPC", Lists.newArrayList(new RpcServer.BlockingServiceAndInterface((BlockingService) SERVICE, null)), isa, serverConf, new FifoRpcScheduler(serverConf, 1)); rpcServer.start(); try (RpcClient rpcClient = RpcClientFactory.createClient(clientConf, HConstants.DEFAULT_CLUSTER_ID.toString())) { BlockingInterface stub = newBlockingStub(rpcClient, rpcServer.getListenerAddress(), clientUser); TestThread th1 = new TestThread(stub); final Throwable exception[] = new Throwable[1]; Collections.synchronizedList(new ArrayList<Throwable>()); Thread.UncaughtExceptionHandler exceptionHandler = new Thread.UncaughtExceptionHandler() { @Override public void uncaughtException(Thread th, Throwable ex) { exception[0] = ex; } }; th1.setUncaughtExceptionHandler(exceptionHandler); th1.start(); th1.join(); if (exception[0] != null) { // throw root cause. while (exception[0].getCause() != null) { exception[0] = exception[0].getCause(); } throw (Exception) exception[0]; } } finally { rpcServer.stop(); } }
Example #21
Source File: HadoopShim.java From pentaho-hadoop-shims with Apache License 2.0 | 5 votes |
@Override public Class[] getHbaseDependencyClasses() { return new Class[] { HConstants.class, org.apache.hadoop.hbase.protobuf.generated.ClientProtos.class, org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.class, Put.class, RpcServer.class, CompatibilityFactory.class, JobUtil.class, TableMapper.class, FastLongHistogram.class, Snapshot.class, ZooKeeper.class, Channel.class, Message.class, UnsafeByteOperations.class, Lists.class, Tracer.class, MetricRegistry.class, ArrayUtils.class, ObjectMapper.class, Versioned.class, JsonView.class, ZKWatcher.class }; }
Example #22
Source File: HadoopShim.java From pentaho-hadoop-shims with Apache License 2.0 | 5 votes |
@Override public Class[] getHbaseDependencyClasses() { return new Class[] { HConstants.class, org.apache.hadoop.hbase.protobuf.generated.ClientProtos.class, org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.class, Put.class, RpcServer.class, CompatibilityFactory.class, JobUtil.class, TableMapper.class, FastLongHistogram.class, Snapshot.class, ZooKeeper.class, Channel.class, Message.class, UnsafeByteOperations.class, Lists.class, Tracer.class, MetricRegistry.class, ArrayUtils.class, ObjectMapper.class, Versioned.class, JsonView.class, ZKWatcher.class }; }
Example #23
Source File: TestRegionProcedureStore.java From hbase with Apache License 2.0 | 5 votes |
/** * Test for HBASE-23895 */ @Test public void testInsertWithRpcCall() throws Exception { RpcServer.setCurrentCall(newRpcCallWithDeadline()); RegionProcedureStoreTestProcedure proc1 = new RegionProcedureStoreTestProcedure(); store.insert(proc1, null); RpcServer.setCurrentCall(null); }
Example #24
Source File: TestRSGroupsWithACL.java From hbase with Apache License 2.0 | 5 votes |
private User getActiveUser() throws IOException { // for non-rpc handling, fallback to system user Optional<User> optionalUser = RpcServer.getRequestUser(); if (optionalUser.isPresent()) { return optionalUser.get(); } return userProvider.getCurrent(); }
Example #25
Source File: HadoopShim.java From pentaho-hadoop-shims with Apache License 2.0 | 5 votes |
@Override public Class[] getHbaseDependencyClasses() { return new Class[] { HConstants.class, org.apache.hadoop.hbase.protobuf.generated.ClientProtos.class, org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.class, Put.class, RpcServer.class, CompatibilityFactory.class, JobUtil.class, TableMapper.class, FastLongHistogram.class, Snapshot.class, ZooKeeper.class, Channel.class, Message.class, UnsafeByteOperations.class, Lists.class, Tracer.class, MetricRegistry.class, ArrayUtils.class, ObjectMapper.class, Versioned.class, JsonView.class, ZKWatcher.class, CacheLoader.class }; }
Example #26
Source File: PhoenixAccessController.java From phoenix with Apache License 2.0 | 5 votes |
private User getActiveUser() throws IOException { Optional<User> user = RpcServer.getRequestUser(); if (!user.isPresent()) { // for non-rpc handling, fallback to system user return userProvider.getCurrent(); } return user.get(); }
Example #27
Source File: MasterRpcServices.java From hbase with Apache License 2.0 | 5 votes |
@Override public RevokeResponse revoke(RpcController controller, RevokeRequest request) throws ServiceException { try { master.checkInitialized(); if (master.cpHost != null && hasAccessControlServiceCoprocessor(master.cpHost)) { final UserPermission userPermission = ShadedAccessControlUtil.toUserPermission(request.getUserPermission()); master.cpHost.preRevoke(userPermission); try (Table table = master.getConnection().getTable(PermissionStorage.ACL_TABLE_NAME)) { PermissionStorage.removeUserPermission(master.getConfiguration(), userPermission, table); } master.cpHost.postRevoke(userPermission); User caller = RpcServer.getRequestUser().orElse(null); if (AUDITLOG.isTraceEnabled()) { // audit log should record all permission changes String remoteAddress = RpcServer.getRemoteAddress().map(InetAddress::toString).orElse(""); AUDITLOG.trace("User {} (remote address: {}) revoked permission {}", caller, remoteAddress, userPermission); } return RevokeResponse.getDefaultInstance(); } else { throw new DoNotRetryIOException( new UnsupportedOperationException(AccessController.class.getName() + " is not loaded")); } } catch (IOException ioe) { throw new ServiceException(ioe); } }
Example #28
Source File: RangerAuthorizationCoprocessor.java From ranger with Apache License 2.0 | 5 votes |
private void requireScannerOwner(ObserverContext<?> ctx, InternalScanner s) throws AccessDeniedException { if (!RpcServer.isInRpcCallContext()) { return; } User user = getActiveUser(ctx); String requestUserName = user.getShortName(); String owner = scannerOwners.get(s); if (owner != null && !owner.equals(requestUserName)) { throw new AccessDeniedException("User '"+ requestUserName +"' is not the scanner owner!"); } }
Example #29
Source File: Export.java From hbase with Apache License 2.0 | 5 votes |
private static User getActiveUser(final UserProvider userProvider, final Token userToken) throws IOException { User user = RpcServer.getRequestUser().orElse(userProvider.getCurrent()); if (user == null && userToken != null) { LOG.warn("No found of user credentials, but a token was got from user request"); } else if (user != null && userToken != null) { user.addToken(userToken); } return user; }
Example #30
Source File: VisibilityController.java From hbase with Apache License 2.0 | 5 votes |
/** * Verify, when servicing an RPC, that the caller is the scanner owner. If so, we assume that * access control is correctly enforced based on the checks performed in preScannerOpen() */ private void requireScannerOwner(InternalScanner s) throws AccessDeniedException { if (!RpcServer.isInRpcCallContext()) return; String requestUName = RpcServer.getRequestUserName().orElse(null); String owner = scannerOwners.get(s); if (authorizationEnabled && owner != null && !owner.equals(requestUName)) { throw new AccessDeniedException("User '" + requestUName + "' is not the scanner owner!"); } }