org.apache.hadoop.hdfs.server.namenode.SecondaryNameNode Java Examples

The following examples show how to use org.apache.hadoop.hdfs.server.namenode.SecondaryNameNode. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: TestHAConfiguration.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Test that the 2NN does not start if given a config with HA NNs.
 */
@Test
public void testSecondaryNameNodeDoesNotStart() throws IOException {
  // Note we're not explicitly setting the nameservice Id in the
  // config as it is not required to be set and we want to test
  // that we can determine if HA is enabled when the nameservice Id
  // is not explicitly defined.
  Configuration conf = getHAConf("ns1", "1.2.3.1", "1.2.3.2");
  try {
    new SecondaryNameNode(conf);
    fail("Created a 2NN with an HA config");
  } catch (IOException ioe) {
    GenericTestUtils.assertExceptionContains(
        "Cannot use SecondaryNameNode in an HA cluster", ioe);
  }
}
 
Example #2
Source File: TestHAConfiguration.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Test that the 2NN does not start if given a config with HA NNs.
 */
@Test
public void testSecondaryNameNodeDoesNotStart() throws IOException {
  // Note we're not explicitly setting the nameservice Id in the
  // config as it is not required to be set and we want to test
  // that we can determine if HA is enabled when the nameservice Id
  // is not explicitly defined.
  Configuration conf = getHAConf("ns1", "1.2.3.1", "1.2.3.2");
  try {
    new SecondaryNameNode(conf);
    fail("Created a 2NN with an HA config");
  } catch (IOException ioe) {
    GenericTestUtils.assertExceptionContains(
        "Cannot use SecondaryNameNode in an HA cluster", ioe);
  }
}
 
Example #3
Source File: TestHDFSServerPorts.java    From RDFS with Apache License 2.0 6 votes vote down vote up
/**
 * Verify secondary name-node port usage.
 */
public void testSecondaryNodePorts() throws Exception {
  NameNode nn = null;
  try {
    nn = startNameNode();

    // bind http server to the same port as name-node
    Configuration conf2 = new Configuration(config);
    conf2.set("dfs.secondary.http.address", 
              config.get("dfs.http.address"));
    SecondaryNameNode.LOG.info("= Starting 1 on: " + 
                               conf2.get("dfs.secondary.http.address"));
    boolean started = canStartSecondaryNode(conf2);
    assertFalse(started); // should fail

    // bind http server to a different port
    conf2.set("dfs.secondary.http.address", NAME_NODE_HTTP_HOST + "0");
    SecondaryNameNode.LOG.info("= Starting 2 on: " + 
                               conf2.get("dfs.secondary.http.address"));
    started = canStartSecondaryNode(conf2);
    assertTrue(started); // should start now
  } finally {
    stopNameNode(nn);
  }
}
 
Example #4
Source File: TestHDFSServerPorts.java    From hadoop-gpu with Apache License 2.0 6 votes vote down vote up
/**
 * Verify secondary name-node port usage.
 */
public void testSecondaryNodePorts() throws Exception {
  NameNode nn = null;
  try {
    nn = startNameNode();

    // bind http server to the same port as name-node
    Configuration conf2 = new Configuration(config);
    conf2.set("dfs.secondary.http.address", 
              config.get("dfs.http.address"));
    SecondaryNameNode.LOG.info("= Starting 1 on: " + 
                               conf2.get("dfs.secondary.http.address"));
    boolean started = canStartSecondaryNode(conf2);
    assertFalse(started); // should fail

    // bind http server to a different port
    conf2.set("dfs.secondary.http.address", NAME_NODE_HTTP_HOST + "0");
    SecondaryNameNode.LOG.info("= Starting 2 on: " + 
                               conf2.get("dfs.secondary.http.address"));
    started = canStartSecondaryNode(conf2);
    assertTrue(started); // should start now
  } finally {
    stopNameNode(nn);
  }
}
 
Example #5
Source File: GetJournalEditServlet.java    From hadoop with Apache License 2.0 4 votes vote down vote up
protected boolean isValidRequestor(HttpServletRequest request, Configuration conf)
    throws IOException {
  String remotePrincipal = request.getUserPrincipal().getName();
  String remoteShortName = request.getRemoteUser();
  if (remotePrincipal == null) { // This really shouldn't happen...
    LOG.warn("Received null remoteUser while authorizing access to " +
        "GetJournalEditServlet");
    return false;
  }

  if (LOG.isDebugEnabled()) {
    LOG.debug("Validating request made by " + remotePrincipal +
        " / " + remoteShortName + ". This user is: " +
        UserGroupInformation.getLoginUser());
  }

  Set<String> validRequestors = new HashSet<String>();
  validRequestors.addAll(DFSUtil.getAllNnPrincipals(conf));
  try {
    validRequestors.add(
        SecurityUtil.getServerPrincipal(conf
            .get(DFSConfigKeys.DFS_SECONDARY_NAMENODE_KERBEROS_PRINCIPAL_KEY),
            SecondaryNameNode.getHttpAddress(conf).getHostName()));
  } catch (Exception e) {
    // Don't halt if SecondaryNameNode principal could not be added.
    LOG.debug("SecondaryNameNode principal could not be added", e);
    String msg = String.format(
      "SecondaryNameNode principal not considered, %s = %s, %s = %s",
      DFSConfigKeys.DFS_SECONDARY_NAMENODE_KERBEROS_PRINCIPAL_KEY,
      conf.get(DFSConfigKeys.DFS_SECONDARY_NAMENODE_KERBEROS_PRINCIPAL_KEY),
      DFSConfigKeys.DFS_NAMENODE_SECONDARY_HTTP_ADDRESS_KEY,
      conf.get(DFSConfigKeys.DFS_NAMENODE_SECONDARY_HTTP_ADDRESS_KEY,
        DFSConfigKeys.DFS_NAMENODE_SECONDARY_HTTP_ADDRESS_DEFAULT));
    LOG.warn(msg);
  }

  // Check the full principal name of all the configured valid requestors.
  for (String v : validRequestors) {
    if (LOG.isDebugEnabled())
      LOG.debug("isValidRequestor is comparing to valid requestor: " + v);
    if (v != null && v.equals(remotePrincipal)) {
      if (LOG.isDebugEnabled())
        LOG.debug("isValidRequestor is allowing: " + remotePrincipal);
      return true;
    }
  }

  // Additionally, we compare the short name of the requestor to this JN's
  // username, because we want to allow requests from other JNs during
  // recovery, but we can't enumerate the full list of JNs.
  if (remoteShortName.equals(
        UserGroupInformation.getLoginUser().getShortUserName())) {
    if (LOG.isDebugEnabled())
      LOG.debug("isValidRequestor is allowing other JN principal: " +
          remotePrincipal);
    return true;
  }

  if (LOG.isDebugEnabled())
    LOG.debug("isValidRequestor is rejecting: " + remotePrincipal);
  return false;
}
 
Example #6
Source File: GetJournalEditServlet.java    From big-c with Apache License 2.0 4 votes vote down vote up
protected boolean isValidRequestor(HttpServletRequest request, Configuration conf)
    throws IOException {
  String remotePrincipal = request.getUserPrincipal().getName();
  String remoteShortName = request.getRemoteUser();
  if (remotePrincipal == null) { // This really shouldn't happen...
    LOG.warn("Received null remoteUser while authorizing access to " +
        "GetJournalEditServlet");
    return false;
  }

  if (LOG.isDebugEnabled()) {
    LOG.debug("Validating request made by " + remotePrincipal +
        " / " + remoteShortName + ". This user is: " +
        UserGroupInformation.getLoginUser());
  }

  Set<String> validRequestors = new HashSet<String>();
  validRequestors.addAll(DFSUtil.getAllNnPrincipals(conf));
  try {
    validRequestors.add(
        SecurityUtil.getServerPrincipal(conf
            .get(DFSConfigKeys.DFS_SECONDARY_NAMENODE_KERBEROS_PRINCIPAL_KEY),
            SecondaryNameNode.getHttpAddress(conf).getHostName()));
  } catch (Exception e) {
    // Don't halt if SecondaryNameNode principal could not be added.
    LOG.debug("SecondaryNameNode principal could not be added", e);
    String msg = String.format(
      "SecondaryNameNode principal not considered, %s = %s, %s = %s",
      DFSConfigKeys.DFS_SECONDARY_NAMENODE_KERBEROS_PRINCIPAL_KEY,
      conf.get(DFSConfigKeys.DFS_SECONDARY_NAMENODE_KERBEROS_PRINCIPAL_KEY),
      DFSConfigKeys.DFS_NAMENODE_SECONDARY_HTTP_ADDRESS_KEY,
      conf.get(DFSConfigKeys.DFS_NAMENODE_SECONDARY_HTTP_ADDRESS_KEY,
        DFSConfigKeys.DFS_NAMENODE_SECONDARY_HTTP_ADDRESS_DEFAULT));
    LOG.warn(msg);
  }

  // Check the full principal name of all the configured valid requestors.
  for (String v : validRequestors) {
    if (LOG.isDebugEnabled())
      LOG.debug("isValidRequestor is comparing to valid requestor: " + v);
    if (v != null && v.equals(remotePrincipal)) {
      if (LOG.isDebugEnabled())
        LOG.debug("isValidRequestor is allowing: " + remotePrincipal);
      return true;
    }
  }

  // Additionally, we compare the short name of the requestor to this JN's
  // username, because we want to allow requests from other JNs during
  // recovery, but we can't enumerate the full list of JNs.
  if (remoteShortName.equals(
        UserGroupInformation.getLoginUser().getShortUserName())) {
    if (LOG.isDebugEnabled())
      LOG.debug("isValidRequestor is allowing other JN principal: " +
          remotePrincipal);
    return true;
  }

  if (LOG.isDebugEnabled())
    LOG.debug("isValidRequestor is rejecting: " + remotePrincipal);
  return false;
}