HDFS-10209. Support enable caller context in HDFS namenode audit log without restart namenode
This commit is contained in:
Xiaobing Zhou
Xiaoyu Yao
parent
8ced42daff
commit
192112d5a2
|
|
@ -902,6 +902,36 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Locate DefaultAuditLogger, if any, to enable/disable CallerContext.
|
||||||
|
*
|
||||||
|
* @param value
|
||||||
|
* true, enable CallerContext, otherwise false to disable it.
|
||||||
|
*/
|
||||||
|
void setCallerContextEnabled(final boolean value) {
|
||||||
|
for (AuditLogger logger : auditLoggers) {
|
||||||
|
if (logger instanceof DefaultAuditLogger) {
|
||||||
|
((DefaultAuditLogger) logger).setCallerContextEnabled(value);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the value indicating if CallerContext is enabled.
|
||||||
|
*
|
||||||
|
* @return true, if CallerContext is enabled, otherwise false, if it's
|
||||||
|
* disabled.
|
||||||
|
*/
|
||||||
|
boolean getCallerContextEnabled() {
|
||||||
|
for (AuditLogger logger : auditLoggers) {
|
||||||
|
if (logger instanceof DefaultAuditLogger) {
|
||||||
|
return ((DefaultAuditLogger) logger).getCallerContextEnabled();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
private List<AuditLogger> initAuditLoggers(Configuration conf) {
|
private List<AuditLogger> initAuditLoggers(Configuration conf) {
|
||||||
// Initialize the custom access loggers if configured.
|
// Initialize the custom access loggers if configured.
|
||||||
Collection<String> alClasses =
|
Collection<String> alClasses =
|
||||||
|
|
@ -6848,13 +6878,33 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
private boolean isCallerContextEnabled;
|
private volatile boolean isCallerContextEnabled;
|
||||||
private int callerContextMaxLen;
|
private int callerContextMaxLen;
|
||||||
private int callerSignatureMaxLen;
|
private int callerSignatureMaxLen;
|
||||||
|
|
||||||
private boolean logTokenTrackingId;
|
private boolean logTokenTrackingId;
|
||||||
private Set<String> debugCmdSet = new HashSet<String>();
|
private Set<String> debugCmdSet = new HashSet<String>();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Enable or disable CallerContext.
|
||||||
|
*
|
||||||
|
* @param value
|
||||||
|
* true, enable CallerContext, otherwise false to disable it.
|
||||||
|
*/
|
||||||
|
void setCallerContextEnabled(final boolean value) {
|
||||||
|
isCallerContextEnabled = value;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the value indicating if CallerContext is enabled.
|
||||||
|
*
|
||||||
|
* @return true, if CallerContext is enabled, otherwise false, if it's
|
||||||
|
* disabled.
|
||||||
|
*/
|
||||||
|
boolean getCallerContextEnabled() {
|
||||||
|
return isCallerContextEnabled;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void initialize(Configuration conf) {
|
public void initialize(Configuration conf) {
|
||||||
isCallerContextEnabled = conf.getBoolean(
|
isCallerContextEnabled = conf.getBoolean(
|
||||||
|
|
|
||||||
|
|
@ -107,6 +107,8 @@ import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_DEFAULT_NAME
|
||||||
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_DEFAULT;
|
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_DEFAULT;
|
||||||
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_KEY;
|
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_KEY;
|
||||||
import static org.apache.hadoop.hdfs.client.HdfsClientConfigKeys.DFS_NAMENODE_RPC_PORT_DEFAULT;
|
import static org.apache.hadoop.hdfs.client.HdfsClientConfigKeys.DFS_NAMENODE_RPC_PORT_DEFAULT;
|
||||||
|
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_CALLER_CONTEXT_ENABLED_KEY;
|
||||||
|
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_CALLER_CONTEXT_ENABLED_DEFAULT;
|
||||||
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HA_AUTO_FAILOVER_ENABLED_DEFAULT;
|
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HA_AUTO_FAILOVER_ENABLED_DEFAULT;
|
||||||
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HA_AUTO_FAILOVER_ENABLED_KEY;
|
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HA_AUTO_FAILOVER_ENABLED_KEY;
|
||||||
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HA_FENCE_METHODS_KEY;
|
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HA_FENCE_METHODS_KEY;
|
||||||
|
|
@ -277,7 +279,8 @@ public class NameNode extends ReconfigurableBase implements
|
||||||
.unmodifiableList(Arrays
|
.unmodifiableList(Arrays
|
||||||
.asList(DFS_HEARTBEAT_INTERVAL_KEY,
|
.asList(DFS_HEARTBEAT_INTERVAL_KEY,
|
||||||
DFS_NAMENODE_HEARTBEAT_RECHECK_INTERVAL_KEY,
|
DFS_NAMENODE_HEARTBEAT_RECHECK_INTERVAL_KEY,
|
||||||
FS_PROTECTED_DIRECTORIES));
|
FS_PROTECTED_DIRECTORIES,
|
||||||
|
HADOOP_CALLER_CONTEXT_ENABLED_KEY));
|
||||||
|
|
||||||
private static final String USAGE = "Usage: hdfs namenode ["
|
private static final String USAGE = "Usage: hdfs namenode ["
|
||||||
+ StartupOption.BACKUP.getName() + "] | \n\t["
|
+ StartupOption.BACKUP.getName() + "] | \n\t["
|
||||||
|
|
@ -2008,7 +2011,9 @@ public class NameNode extends ReconfigurableBase implements
|
||||||
+ datanodeManager.getHeartbeatRecheckInterval());
|
+ datanodeManager.getHeartbeatRecheckInterval());
|
||||||
}
|
}
|
||||||
case FS_PROTECTED_DIRECTORIES:
|
case FS_PROTECTED_DIRECTORIES:
|
||||||
return getNamesystem().getFSDirectory().setProtectedDirectories(newVal);
|
return reconfProtectedDirectories(newVal);
|
||||||
|
case HADOOP_CALLER_CONTEXT_ENABLED_KEY:
|
||||||
|
return reconfCallerContextEnabled(newVal);
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
@ -2016,6 +2021,21 @@ public class NameNode extends ReconfigurableBase implements
|
||||||
.get(property));
|
.get(property));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private String reconfProtectedDirectories(String newVal) {
|
||||||
|
return getNamesystem().getFSDirectory().setProtectedDirectories(newVal);
|
||||||
|
}
|
||||||
|
|
||||||
|
private String reconfCallerContextEnabled(String newVal) {
|
||||||
|
Boolean callerContextEnabled;
|
||||||
|
if (newVal == null) {
|
||||||
|
callerContextEnabled = HADOOP_CALLER_CONTEXT_ENABLED_DEFAULT;
|
||||||
|
} else {
|
||||||
|
callerContextEnabled = Boolean.parseBoolean(newVal);
|
||||||
|
}
|
||||||
|
namesystem.setCallerContextEnabled(callerContextEnabled);
|
||||||
|
return Boolean.toString(callerContextEnabled);
|
||||||
|
}
|
||||||
|
|
||||||
@Override // ReconfigurableBase
|
@Override // ReconfigurableBase
|
||||||
protected Configuration getNewConf() {
|
protected Configuration getNewConf() {
|
||||||
return new HdfsConfiguration();
|
return new HdfsConfiguration();
|
||||||
|
|
|
||||||
|
|
@ -34,6 +34,8 @@ import org.apache.hadoop.hdfs.MiniDFSCluster;
|
||||||
import org.apache.hadoop.hdfs.HdfsConfiguration;
|
import org.apache.hadoop.hdfs.HdfsConfiguration;
|
||||||
import org.apache.hadoop.hdfs.server.blockmanagement.DatanodeManager;
|
import org.apache.hadoop.hdfs.server.blockmanagement.DatanodeManager;
|
||||||
|
|
||||||
|
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_CALLER_CONTEXT_ENABLED_KEY;
|
||||||
|
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_CALLER_CONTEXT_ENABLED_DEFAULT;
|
||||||
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HEARTBEAT_INTERVAL_KEY;
|
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HEARTBEAT_INTERVAL_KEY;
|
||||||
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HEARTBEAT_INTERVAL_DEFAULT;
|
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HEARTBEAT_INTERVAL_DEFAULT;
|
||||||
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_HEARTBEAT_RECHECK_INTERVAL_KEY;
|
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_HEARTBEAT_RECHECK_INTERVAL_KEY;
|
||||||
|
|
@ -50,13 +52,60 @@ public class TestNameNodeReconfigure {
|
||||||
public void setUp() throws IOException {
|
public void setUp() throws IOException {
|
||||||
Configuration conf = new HdfsConfiguration();
|
Configuration conf = new HdfsConfiguration();
|
||||||
cluster = new MiniDFSCluster.Builder(conf).build();
|
cluster = new MiniDFSCluster.Builder(conf).build();
|
||||||
|
cluster.waitActive();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testReconfigureCallerContextEnabled()
|
||||||
|
throws ReconfigurationException {
|
||||||
|
final NameNode nameNode = cluster.getNameNode();
|
||||||
|
final FSNamesystem nameSystem = nameNode.getNamesystem();
|
||||||
|
|
||||||
|
// try invalid values
|
||||||
|
nameNode.reconfigureProperty(HADOOP_CALLER_CONTEXT_ENABLED_KEY, "text");
|
||||||
|
assertEquals(HADOOP_CALLER_CONTEXT_ENABLED_KEY + " has wrong value", false,
|
||||||
|
nameSystem.getCallerContextEnabled());
|
||||||
|
assertEquals(
|
||||||
|
HADOOP_CALLER_CONTEXT_ENABLED_KEY + " has wrong value",
|
||||||
|
false,
|
||||||
|
nameNode.getConf().getBoolean(HADOOP_CALLER_CONTEXT_ENABLED_KEY,
|
||||||
|
HADOOP_CALLER_CONTEXT_ENABLED_DEFAULT));
|
||||||
|
|
||||||
|
// enable CallerContext
|
||||||
|
nameNode.reconfigureProperty(HADOOP_CALLER_CONTEXT_ENABLED_KEY, "true");
|
||||||
|
assertEquals(HADOOP_CALLER_CONTEXT_ENABLED_KEY + " has wrong value", true,
|
||||||
|
nameSystem.getCallerContextEnabled());
|
||||||
|
assertEquals(
|
||||||
|
HADOOP_CALLER_CONTEXT_ENABLED_KEY + " has wrong value",
|
||||||
|
true,
|
||||||
|
nameNode.getConf().getBoolean(HADOOP_CALLER_CONTEXT_ENABLED_KEY,
|
||||||
|
HADOOP_CALLER_CONTEXT_ENABLED_DEFAULT));
|
||||||
|
|
||||||
|
// disable CallerContext
|
||||||
|
nameNode.reconfigureProperty(HADOOP_CALLER_CONTEXT_ENABLED_KEY, "false");
|
||||||
|
assertEquals(HADOOP_CALLER_CONTEXT_ENABLED_KEY + " has wrong value", false,
|
||||||
|
nameSystem.getCallerContextEnabled());
|
||||||
|
assertEquals(
|
||||||
|
HADOOP_CALLER_CONTEXT_ENABLED_KEY + " has wrong value",
|
||||||
|
false,
|
||||||
|
nameNode.getConf().getBoolean(HADOOP_CALLER_CONTEXT_ENABLED_KEY,
|
||||||
|
HADOOP_CALLER_CONTEXT_ENABLED_DEFAULT));
|
||||||
|
|
||||||
|
// revert to default
|
||||||
|
nameNode.reconfigureProperty(HADOOP_CALLER_CONTEXT_ENABLED_KEY, null);
|
||||||
|
|
||||||
|
// verify default
|
||||||
|
assertEquals(HADOOP_CALLER_CONTEXT_ENABLED_KEY + " has wrong value", false,
|
||||||
|
nameSystem.getCallerContextEnabled());
|
||||||
|
assertEquals(HADOOP_CALLER_CONTEXT_ENABLED_KEY + " has wrong value", null,
|
||||||
|
nameNode.getConf().get(HADOOP_CALLER_CONTEXT_ENABLED_KEY));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test that we can modify configuration properties.
|
* Test that we can modify configuration properties.
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testReconfigure() throws ReconfigurationException {
|
public void testReconfigureHearbeatCheck1() throws ReconfigurationException {
|
||||||
final NameNode nameNode = cluster.getNameNode();
|
final NameNode nameNode = cluster.getNameNode();
|
||||||
final DatanodeManager datanodeManager = nameNode.namesystem
|
final DatanodeManager datanodeManager = nameNode.namesystem
|
||||||
.getBlockManager().getDatanodeManager();
|
.getBlockManager().getDatanodeManager();
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue