svn merge -c 1227887 from trunk for HDFS-2697.
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-0.23-PB@1231836 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
184f0644ee
commit
7c39f9b4f1
|
@ -38,6 +38,9 @@ Release 0.23-PB - Unreleased
|
||||||
|
|
||||||
HDFS-2661. Enable protobuf RPC for DatanodeProtocol. (jitendra)
|
HDFS-2661. Enable protobuf RPC for DatanodeProtocol. (jitendra)
|
||||||
|
|
||||||
|
HDFS-2697. Move RefreshAuthPolicy, RefreshUserMappings, GetUserMappings
|
||||||
|
protocol to protocol buffers. (jitendra)
|
||||||
|
|
||||||
IMPROVEMENTS
|
IMPROVEMENTS
|
||||||
|
|
||||||
HDFS-2018. Move all journal stream management code into one place.
|
HDFS-2018. Move all journal stream management code into one place.
|
||||||
|
|
|
@ -0,0 +1,89 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.hadoop.hdfs.protocolPB;
|
||||||
|
|
||||||
|
import java.io.Closeable;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.InetSocketAddress;
|
||||||
|
|
||||||
|
import org.apache.hadoop.conf.Configuration;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.GetUserMappingsProtocolProtos.GetGroupsForUserRequestProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.GetUserMappingsProtocolProtos.GetGroupsForUserResponseProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocolR23Compatible.ProtocolSignatureWritable;
|
||||||
|
import org.apache.hadoop.hdfs.server.namenode.NameNode;
|
||||||
|
import org.apache.hadoop.ipc.ProtobufHelper;
|
||||||
|
import org.apache.hadoop.ipc.ProtobufRpcEngine;
|
||||||
|
import org.apache.hadoop.ipc.ProtocolSignature;
|
||||||
|
import org.apache.hadoop.ipc.RPC;
|
||||||
|
import org.apache.hadoop.net.NetUtils;
|
||||||
|
import org.apache.hadoop.security.UserGroupInformation;
|
||||||
|
import org.apache.hadoop.tools.GetUserMappingsProtocol;
|
||||||
|
|
||||||
|
import com.google.protobuf.RpcController;
|
||||||
|
import com.google.protobuf.ServiceException;
|
||||||
|
|
||||||
|
public class GetUserMappingsProtocolClientSideTranslatorPB implements
|
||||||
|
GetUserMappingsProtocol, Closeable {
|
||||||
|
|
||||||
|
/** RpcController is not used and hence is set to null */
|
||||||
|
private final static RpcController NULL_CONTROLLER = null;
|
||||||
|
private final GetUserMappingsProtocolPB rpcProxy;
|
||||||
|
|
||||||
|
public GetUserMappingsProtocolClientSideTranslatorPB(
|
||||||
|
InetSocketAddress nameNodeAddr, UserGroupInformation ugi,
|
||||||
|
Configuration conf) throws IOException {
|
||||||
|
RPC.setProtocolEngine(conf, GetUserMappingsProtocolPB.class,
|
||||||
|
ProtobufRpcEngine.class);
|
||||||
|
rpcProxy = RPC.getProxy(GetUserMappingsProtocolPB.class,
|
||||||
|
RPC.getProtocolVersion(GetUserMappingsProtocolPB.class),
|
||||||
|
NameNode.getAddress(conf), ugi, conf,
|
||||||
|
NetUtils.getSocketFactory(conf, GetUserMappingsProtocol.class));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public long getProtocolVersion(String protocol, long clientVersion)
|
||||||
|
throws IOException {
|
||||||
|
return rpcProxy.getProtocolVersion(protocol, clientVersion);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolSignature getProtocolSignature(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException {
|
||||||
|
return ProtocolSignatureWritable.convert(rpcProxy.getProtocolSignature2(
|
||||||
|
protocol, clientVersion, clientMethodsHash));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void close() throws IOException {
|
||||||
|
RPC.stopProxy(rpcProxy);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String[] getGroupsForUser(String user) throws IOException {
|
||||||
|
GetGroupsForUserRequestProto request = GetGroupsForUserRequestProto
|
||||||
|
.newBuilder().setUser(user).build();
|
||||||
|
GetGroupsForUserResponseProto resp;
|
||||||
|
try {
|
||||||
|
resp = rpcProxy.getGroupsForUser(NULL_CONTROLLER, request);
|
||||||
|
} catch (ServiceException se) {
|
||||||
|
throw ProtobufHelper.getRemoteException(se);
|
||||||
|
}
|
||||||
|
return resp.getGroupsList().toArray(new String[resp.getGroupsCount()]);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,45 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.hadoop.hdfs.protocolPB;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
import org.apache.hadoop.classification.InterfaceAudience;
|
||||||
|
import org.apache.hadoop.classification.InterfaceStability;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.GetUserMappingsProtocolProtos.GetUserMappingsProtocolService;
|
||||||
|
import org.apache.hadoop.hdfs.protocolR23Compatible.ProtocolSignatureWritable;
|
||||||
|
import org.apache.hadoop.ipc.ProtocolInfo;
|
||||||
|
import org.apache.hadoop.ipc.VersionedProtocol;
|
||||||
|
|
||||||
|
@ProtocolInfo(
|
||||||
|
protocolName = "org.apache.hadoop.tools.GetUserMappingsProtocol",
|
||||||
|
protocolVersion = 1)
|
||||||
|
@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
|
||||||
|
@InterfaceStability.Evolving
|
||||||
|
public interface GetUserMappingsProtocolPB extends
|
||||||
|
GetUserMappingsProtocolService.BlockingInterface, VersionedProtocol {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method is defined to get the protocol signature using
|
||||||
|
* the R23 protocol - hence we have added the suffix of 2 the method name
|
||||||
|
* to avoid conflict.
|
||||||
|
*/
|
||||||
|
public ProtocolSignatureWritable getProtocolSignature2(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException;
|
||||||
|
}
|
|
@ -0,0 +1,96 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.hadoop.hdfs.protocolPB;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.GetUserMappingsProtocolProtos.GetGroupsForUserRequestProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.GetUserMappingsProtocolProtos.GetGroupsForUserResponseProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocolR23Compatible.ProtocolSignatureWritable;
|
||||||
|
import org.apache.hadoop.ipc.ProtocolSignature;
|
||||||
|
import org.apache.hadoop.ipc.RPC;
|
||||||
|
import org.apache.hadoop.tools.GetUserMappingsProtocol;
|
||||||
|
|
||||||
|
import com.google.protobuf.RpcController;
|
||||||
|
import com.google.protobuf.ServiceException;
|
||||||
|
|
||||||
|
public class GetUserMappingsProtocolServerSideTranslatorPB implements
|
||||||
|
GetUserMappingsProtocolPB {
|
||||||
|
|
||||||
|
private final GetUserMappingsProtocol impl;
|
||||||
|
|
||||||
|
public GetUserMappingsProtocolServerSideTranslatorPB(
|
||||||
|
GetUserMappingsProtocol impl) {
|
||||||
|
this.impl = impl;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public long getProtocolVersion(String protocol, long clientVersion)
|
||||||
|
throws IOException {
|
||||||
|
return RPC.getProtocolVersion(GetUserMappingsProtocolPB.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolSignature getProtocolSignature(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException {
|
||||||
|
/**
|
||||||
|
* Don't forward this to the server. The protocol version and signature is
|
||||||
|
* that of {@link GetUserMappingsProtocol}
|
||||||
|
*/
|
||||||
|
if (!protocol.equals(RPC
|
||||||
|
.getProtocolName(GetUserMappingsProtocolPB.class))) {
|
||||||
|
throw new IOException("Namenode Serverside implements "
|
||||||
|
+ RPC.getProtocolName(GetUserMappingsProtocolPB.class)
|
||||||
|
+ ". The following requested protocol is unknown: " + protocol);
|
||||||
|
}
|
||||||
|
|
||||||
|
return ProtocolSignature.getProtocolSignature(clientMethodsHash,
|
||||||
|
RPC.getProtocolVersion(GetUserMappingsProtocolPB.class),
|
||||||
|
GetUserMappingsProtocolPB.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolSignatureWritable getProtocolSignature2(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException {
|
||||||
|
/**
|
||||||
|
* Don't forward this to the server. The protocol version and signature is
|
||||||
|
* that of {@link GetUserMappingsProtocolPB}
|
||||||
|
*/
|
||||||
|
return ProtocolSignatureWritable.convert(this.getProtocolSignature(
|
||||||
|
protocol, clientVersion, clientMethodsHash));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public GetGroupsForUserResponseProto getGroupsForUser(
|
||||||
|
RpcController controller, GetGroupsForUserRequestProto request)
|
||||||
|
throws ServiceException {
|
||||||
|
String[] groups;
|
||||||
|
try {
|
||||||
|
groups = impl.getGroupsForUser(request.getUser());
|
||||||
|
} catch (IOException e) {
|
||||||
|
throw new ServiceException(e);
|
||||||
|
}
|
||||||
|
GetGroupsForUserResponseProto.Builder builder = GetGroupsForUserResponseProto
|
||||||
|
.newBuilder();
|
||||||
|
for (String g : groups) {
|
||||||
|
builder.addGroups(g);
|
||||||
|
}
|
||||||
|
return builder.build();
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,86 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.hadoop.hdfs.protocolPB;
|
||||||
|
|
||||||
|
import java.io.Closeable;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.InetSocketAddress;
|
||||||
|
|
||||||
|
import org.apache.hadoop.conf.Configuration;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshAuthorizationPolicyProtocolProtos.RefreshServiceAclRequestProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocolR23Compatible.ProtocolSignatureWritable;
|
||||||
|
import org.apache.hadoop.hdfs.server.namenode.NameNode;
|
||||||
|
import org.apache.hadoop.ipc.ProtobufHelper;
|
||||||
|
import org.apache.hadoop.ipc.ProtobufRpcEngine;
|
||||||
|
import org.apache.hadoop.ipc.ProtocolSignature;
|
||||||
|
import org.apache.hadoop.ipc.RPC;
|
||||||
|
import org.apache.hadoop.net.NetUtils;
|
||||||
|
import org.apache.hadoop.security.UserGroupInformation;
|
||||||
|
import org.apache.hadoop.security.authorize.RefreshAuthorizationPolicyProtocol;
|
||||||
|
|
||||||
|
import com.google.protobuf.RpcController;
|
||||||
|
import com.google.protobuf.ServiceException;
|
||||||
|
|
||||||
|
public class RefreshAuthorizationPolicyProtocolClientSideTranslatorPB implements
|
||||||
|
RefreshAuthorizationPolicyProtocol, Closeable {
|
||||||
|
|
||||||
|
/** RpcController is not used and hence is set to null */
|
||||||
|
private final static RpcController NULL_CONTROLLER = null;
|
||||||
|
private final RefreshAuthorizationPolicyProtocolPB rpcProxy;
|
||||||
|
|
||||||
|
public RefreshAuthorizationPolicyProtocolClientSideTranslatorPB(
|
||||||
|
InetSocketAddress nameNodeAddr, UserGroupInformation ugi,
|
||||||
|
Configuration conf) throws IOException {
|
||||||
|
RPC.setProtocolEngine(conf, RefreshAuthorizationPolicyProtocolPB.class,
|
||||||
|
ProtobufRpcEngine.class);
|
||||||
|
rpcProxy = RPC.getProxy(RefreshAuthorizationPolicyProtocolPB.class,
|
||||||
|
RPC.getProtocolVersion(RefreshAuthorizationPolicyProtocolPB.class),
|
||||||
|
NameNode.getAddress(conf), ugi, conf,
|
||||||
|
NetUtils.getSocketFactory(conf, RefreshAuthorizationPolicyProtocol.class));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public long getProtocolVersion(String protocol, long clientVersion)
|
||||||
|
throws IOException {
|
||||||
|
return rpcProxy.getProtocolVersion(protocol, clientVersion);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolSignature getProtocolSignature(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException {
|
||||||
|
return ProtocolSignatureWritable.convert(rpcProxy.getProtocolSignature2(
|
||||||
|
protocol, clientVersion, clientMethodsHash));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void close() throws IOException {
|
||||||
|
RPC.stopProxy(rpcProxy);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void refreshServiceAcl() throws IOException {
|
||||||
|
RefreshServiceAclRequestProto request = RefreshServiceAclRequestProto
|
||||||
|
.newBuilder().build();
|
||||||
|
try {
|
||||||
|
rpcProxy.refreshServiceAcl(NULL_CONTROLLER, request);
|
||||||
|
} catch (ServiceException se) {
|
||||||
|
throw ProtobufHelper.getRemoteException(se);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,49 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.hadoop.hdfs.protocolPB;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
import org.apache.hadoop.classification.InterfaceAudience;
|
||||||
|
import org.apache.hadoop.classification.InterfaceStability;
|
||||||
|
import org.apache.hadoop.fs.CommonConfigurationKeys;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshAuthorizationPolicyProtocolProtos.RefreshAuthorizationPolicyProtocolService;
|
||||||
|
import org.apache.hadoop.hdfs.protocolR23Compatible.ProtocolSignatureWritable;
|
||||||
|
import org.apache.hadoop.ipc.ProtocolInfo;
|
||||||
|
import org.apache.hadoop.ipc.VersionedProtocol;
|
||||||
|
import org.apache.hadoop.security.KerberosInfo;
|
||||||
|
|
||||||
|
@KerberosInfo(
|
||||||
|
serverPrincipal=CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY)
|
||||||
|
@ProtocolInfo(
|
||||||
|
protocolName = "org.apache.hadoop.security.authorize.RefreshAuthorizationPolicyProtocol",
|
||||||
|
protocolVersion = 1)
|
||||||
|
@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
|
||||||
|
@InterfaceStability.Evolving
|
||||||
|
public interface RefreshAuthorizationPolicyProtocolPB extends
|
||||||
|
RefreshAuthorizationPolicyProtocolService.BlockingInterface, VersionedProtocol {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method is defined to get the protocol signature using
|
||||||
|
* the R23 protocol - hence we have added the suffix of 2 the method name
|
||||||
|
* to avoid conflict.
|
||||||
|
*/
|
||||||
|
public ProtocolSignatureWritable getProtocolSignature2(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException;
|
||||||
|
}
|
|
@ -0,0 +1,90 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.hadoop.hdfs.protocolPB;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshAuthorizationPolicyProtocolProtos.RefreshServiceAclRequestProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshAuthorizationPolicyProtocolProtos.RefreshServiceAclResponseProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocolR23Compatible.ProtocolSignatureWritable;
|
||||||
|
import org.apache.hadoop.ipc.ProtocolSignature;
|
||||||
|
import org.apache.hadoop.ipc.RPC;
|
||||||
|
import org.apache.hadoop.security.authorize.RefreshAuthorizationPolicyProtocol;
|
||||||
|
|
||||||
|
import com.google.protobuf.RpcController;
|
||||||
|
import com.google.protobuf.ServiceException;
|
||||||
|
|
||||||
|
public class RefreshAuthorizationPolicyProtocolServerSideTranslatorPB implements
|
||||||
|
RefreshAuthorizationPolicyProtocolPB {
|
||||||
|
|
||||||
|
private final RefreshAuthorizationPolicyProtocol impl;
|
||||||
|
|
||||||
|
public RefreshAuthorizationPolicyProtocolServerSideTranslatorPB(
|
||||||
|
RefreshAuthorizationPolicyProtocol impl) {
|
||||||
|
this.impl = impl;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public long getProtocolVersion(String protocol, long clientVersion)
|
||||||
|
throws IOException {
|
||||||
|
return RPC.getProtocolVersion(RefreshAuthorizationPolicyProtocolPB.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolSignature getProtocolSignature(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException {
|
||||||
|
/**
|
||||||
|
* Don't forward this to the server. The protocol version and signature is
|
||||||
|
* that of {@link RefreshAuthorizationPolicyProtocol}
|
||||||
|
*/
|
||||||
|
if (!protocol.equals(RPC
|
||||||
|
.getProtocolName(RefreshAuthorizationPolicyProtocolPB.class))) {
|
||||||
|
throw new IOException("Namenode Serverside implements "
|
||||||
|
+ RPC.getProtocolName(RefreshAuthorizationPolicyProtocolPB.class)
|
||||||
|
+ ". The following requested protocol is unknown: " + protocol);
|
||||||
|
}
|
||||||
|
|
||||||
|
return ProtocolSignature.getProtocolSignature(clientMethodsHash,
|
||||||
|
RPC.getProtocolVersion(RefreshAuthorizationPolicyProtocolPB.class),
|
||||||
|
RefreshAuthorizationPolicyProtocolPB.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolSignatureWritable getProtocolSignature2(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException {
|
||||||
|
/**
|
||||||
|
* Don't forward this to the server. The protocol version and signature is
|
||||||
|
* that of {@link RefreshAuthorizationPolicyProtocolPB}
|
||||||
|
*/
|
||||||
|
return ProtocolSignatureWritable.convert(this.getProtocolSignature(
|
||||||
|
protocol, clientVersion, clientMethodsHash));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public RefreshServiceAclResponseProto refreshServiceAcl(
|
||||||
|
RpcController controller, RefreshServiceAclRequestProto request)
|
||||||
|
throws ServiceException {
|
||||||
|
try {
|
||||||
|
impl.refreshServiceAcl();
|
||||||
|
} catch (IOException e) {
|
||||||
|
throw new ServiceException(e);
|
||||||
|
}
|
||||||
|
return RefreshServiceAclResponseProto.newBuilder().build();
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,98 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.hadoop.hdfs.protocolPB;
|
||||||
|
|
||||||
|
import java.io.Closeable;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.InetSocketAddress;
|
||||||
|
|
||||||
|
import org.apache.hadoop.conf.Configuration;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshUserMappingsProtocolProtos.RefreshSuperUserGroupsConfigurationRequestProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshUserMappingsProtocolProtos.RefreshUserToGroupsMappingsRequestProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocolR23Compatible.ProtocolSignatureWritable;
|
||||||
|
import org.apache.hadoop.hdfs.server.namenode.NameNode;
|
||||||
|
import org.apache.hadoop.ipc.ProtobufHelper;
|
||||||
|
import org.apache.hadoop.ipc.ProtobufRpcEngine;
|
||||||
|
import org.apache.hadoop.ipc.ProtocolSignature;
|
||||||
|
import org.apache.hadoop.ipc.RPC;
|
||||||
|
import org.apache.hadoop.net.NetUtils;
|
||||||
|
import org.apache.hadoop.security.RefreshUserMappingsProtocol;
|
||||||
|
import org.apache.hadoop.security.UserGroupInformation;
|
||||||
|
|
||||||
|
import com.google.protobuf.RpcController;
|
||||||
|
import com.google.protobuf.ServiceException;
|
||||||
|
|
||||||
|
public class RefreshUserMappingsProtocolClientSideTranslatorPB implements
|
||||||
|
RefreshUserMappingsProtocol, Closeable {
|
||||||
|
|
||||||
|
/** RpcController is not used and hence is set to null */
|
||||||
|
private final static RpcController NULL_CONTROLLER = null;
|
||||||
|
private final RefreshUserMappingsProtocolPB rpcProxy;
|
||||||
|
|
||||||
|
public RefreshUserMappingsProtocolClientSideTranslatorPB(
|
||||||
|
InetSocketAddress nameNodeAddr, UserGroupInformation ugi,
|
||||||
|
Configuration conf) throws IOException {
|
||||||
|
RPC.setProtocolEngine(conf, RefreshUserMappingsProtocolPB.class,
|
||||||
|
ProtobufRpcEngine.class);
|
||||||
|
rpcProxy = RPC.getProxy(RefreshUserMappingsProtocolPB.class,
|
||||||
|
RPC.getProtocolVersion(RefreshUserMappingsProtocolPB.class),
|
||||||
|
NameNode.getAddress(conf), ugi, conf,
|
||||||
|
NetUtils.getSocketFactory(conf, RefreshUserMappingsProtocol.class));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public long getProtocolVersion(String protocol, long clientVersion)
|
||||||
|
throws IOException {
|
||||||
|
return rpcProxy.getProtocolVersion(protocol, clientVersion);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolSignature getProtocolSignature(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException {
|
||||||
|
return ProtocolSignatureWritable.convert(rpcProxy.getProtocolSignature2(
|
||||||
|
protocol, clientVersion, clientMethodsHash));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void close() throws IOException {
|
||||||
|
RPC.stopProxy(rpcProxy);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void refreshUserToGroupsMappings() throws IOException {
|
||||||
|
RefreshUserToGroupsMappingsRequestProto request =
|
||||||
|
RefreshUserToGroupsMappingsRequestProto.newBuilder().build();
|
||||||
|
try {
|
||||||
|
rpcProxy.refreshUserToGroupsMappings(NULL_CONTROLLER, request);
|
||||||
|
} catch (ServiceException se) {
|
||||||
|
throw ProtobufHelper.getRemoteException(se);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void refreshSuperUserGroupsConfiguration() throws IOException {
|
||||||
|
RefreshSuperUserGroupsConfigurationRequestProto request =
|
||||||
|
RefreshSuperUserGroupsConfigurationRequestProto.newBuilder().build();
|
||||||
|
try {
|
||||||
|
rpcProxy.refreshSuperUserGroupsConfiguration(NULL_CONTROLLER, request);
|
||||||
|
} catch (ServiceException se) {
|
||||||
|
throw ProtobufHelper.getRemoteException(se);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,49 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.hadoop.hdfs.protocolPB;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
import org.apache.hadoop.classification.InterfaceAudience;
|
||||||
|
import org.apache.hadoop.classification.InterfaceStability;
|
||||||
|
import org.apache.hadoop.fs.CommonConfigurationKeys;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshUserMappingsProtocolProtos.RefreshUserMappingsProtocolService;
|
||||||
|
import org.apache.hadoop.hdfs.protocolR23Compatible.ProtocolSignatureWritable;
|
||||||
|
import org.apache.hadoop.ipc.ProtocolInfo;
|
||||||
|
import org.apache.hadoop.ipc.VersionedProtocol;
|
||||||
|
import org.apache.hadoop.security.KerberosInfo;
|
||||||
|
|
||||||
|
@KerberosInfo(
|
||||||
|
serverPrincipal=CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY)
|
||||||
|
@ProtocolInfo(
|
||||||
|
protocolName = "org.apache.hadoop.security.RefreshUserMappingsProtocol",
|
||||||
|
protocolVersion = 1)
|
||||||
|
@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
|
||||||
|
@InterfaceStability.Evolving
|
||||||
|
public interface RefreshUserMappingsProtocolPB extends
|
||||||
|
RefreshUserMappingsProtocolService.BlockingInterface, VersionedProtocol {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method is defined to get the protocol signature using
|
||||||
|
* the R23 protocol - hence we have added the suffix of 2 the method name
|
||||||
|
* to avoid conflict.
|
||||||
|
*/
|
||||||
|
public ProtocolSignatureWritable getProtocolSignature2(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException;
|
||||||
|
}
|
|
@ -0,0 +1,105 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.hadoop.hdfs.protocolPB;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshUserMappingsProtocolProtos.RefreshSuperUserGroupsConfigurationRequestProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshUserMappingsProtocolProtos.RefreshSuperUserGroupsConfigurationResponseProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshUserMappingsProtocolProtos.RefreshUserToGroupsMappingsRequestProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshUserMappingsProtocolProtos.RefreshUserToGroupsMappingsResponseProto;
|
||||||
|
import org.apache.hadoop.hdfs.protocolR23Compatible.ProtocolSignatureWritable;
|
||||||
|
import org.apache.hadoop.ipc.ProtocolSignature;
|
||||||
|
import org.apache.hadoop.ipc.RPC;
|
||||||
|
import org.apache.hadoop.security.RefreshUserMappingsProtocol;
|
||||||
|
|
||||||
|
import com.google.protobuf.RpcController;
|
||||||
|
import com.google.protobuf.ServiceException;
|
||||||
|
|
||||||
|
public class RefreshUserMappingsProtocolServerSideTranslatorPB implements RefreshUserMappingsProtocolPB {
|
||||||
|
|
||||||
|
private final RefreshUserMappingsProtocol impl;
|
||||||
|
|
||||||
|
public RefreshUserMappingsProtocolServerSideTranslatorPB(RefreshUserMappingsProtocol impl) {
|
||||||
|
this.impl = impl;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public RefreshUserToGroupsMappingsResponseProto
|
||||||
|
refreshUserToGroupsMappings(RpcController controller,
|
||||||
|
RefreshUserToGroupsMappingsRequestProto request)
|
||||||
|
throws ServiceException {
|
||||||
|
try {
|
||||||
|
impl.refreshUserToGroupsMappings();
|
||||||
|
} catch (IOException e) {
|
||||||
|
throw new ServiceException(e);
|
||||||
|
}
|
||||||
|
return RefreshUserToGroupsMappingsResponseProto.newBuilder().build();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public RefreshSuperUserGroupsConfigurationResponseProto
|
||||||
|
refreshSuperUserGroupsConfiguration(RpcController controller,
|
||||||
|
RefreshSuperUserGroupsConfigurationRequestProto request)
|
||||||
|
throws ServiceException {
|
||||||
|
try {
|
||||||
|
impl.refreshSuperUserGroupsConfiguration();
|
||||||
|
} catch (IOException e) {
|
||||||
|
throw new ServiceException(e);
|
||||||
|
}
|
||||||
|
return RefreshSuperUserGroupsConfigurationResponseProto.newBuilder()
|
||||||
|
.build();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public long getProtocolVersion(String protocol, long clientVersion)
|
||||||
|
throws IOException {
|
||||||
|
return RPC.getProtocolVersion(RefreshUserMappingsProtocolPB.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolSignature getProtocolSignature(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException {
|
||||||
|
/**
|
||||||
|
* Don't forward this to the server. The protocol version and signature is
|
||||||
|
* that of {@link RefreshUserMappingsProtocol}
|
||||||
|
*/
|
||||||
|
if (!protocol.equals(RPC
|
||||||
|
.getProtocolName(RefreshUserMappingsProtocolPB.class))) {
|
||||||
|
throw new IOException("Namenode Serverside implements "
|
||||||
|
+ RPC.getProtocolName(RefreshUserMappingsProtocolPB.class)
|
||||||
|
+ ". The following requested protocol is unknown: " + protocol);
|
||||||
|
}
|
||||||
|
|
||||||
|
return ProtocolSignature.getProtocolSignature(clientMethodsHash,
|
||||||
|
RPC.getProtocolVersion(RefreshUserMappingsProtocolPB.class),
|
||||||
|
RefreshUserMappingsProtocolPB.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolSignatureWritable getProtocolSignature2(String protocol,
|
||||||
|
long clientVersion, int clientMethodsHash) throws IOException {
|
||||||
|
/**
|
||||||
|
* Don't forward this to the server. The protocol version and signature is
|
||||||
|
* that of {@link RefreshUserMappingsProtocolPB}
|
||||||
|
*/
|
||||||
|
return ProtocolSignatureWritable.convert(this.getProtocolSignature(
|
||||||
|
protocol, clientVersion, clientMethodsHash));
|
||||||
|
}
|
||||||
|
}
|
|
@ -62,12 +62,21 @@ import org.apache.hadoop.hdfs.protocol.HdfsConstants.UpgradeAction;
|
||||||
import org.apache.hadoop.hdfs.protocol.proto.ClientNamenodeProtocolProtos.ClientNamenodeProtocol;
|
import org.apache.hadoop.hdfs.protocol.proto.ClientNamenodeProtocolProtos.ClientNamenodeProtocol;
|
||||||
import org.apache.hadoop.hdfs.protocol.proto.NamenodeProtocolProtos.NamenodeProtocolService;
|
import org.apache.hadoop.hdfs.protocol.proto.NamenodeProtocolProtos.NamenodeProtocolService;
|
||||||
import org.apache.hadoop.hdfs.protocol.proto.DatanodeProtocolProtos.DatanodeProtocolService;
|
import org.apache.hadoop.hdfs.protocol.proto.DatanodeProtocolProtos.DatanodeProtocolService;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.GetUserMappingsProtocolProtos.GetUserMappingsProtocolService;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshAuthorizationPolicyProtocolProtos.RefreshAuthorizationPolicyProtocolService;
|
||||||
|
import org.apache.hadoop.hdfs.protocol.proto.RefreshUserMappingsProtocolProtos.RefreshUserMappingsProtocolService;
|
||||||
import org.apache.hadoop.hdfs.protocolPB.DatanodeProtocolPB;
|
import org.apache.hadoop.hdfs.protocolPB.DatanodeProtocolPB;
|
||||||
import org.apache.hadoop.hdfs.protocolPB.DatanodeProtocolServerSideTranslatorPB;
|
import org.apache.hadoop.hdfs.protocolPB.DatanodeProtocolServerSideTranslatorPB;
|
||||||
|
import org.apache.hadoop.hdfs.protocolPB.GetUserMappingsProtocolPB;
|
||||||
|
import org.apache.hadoop.hdfs.protocolPB.GetUserMappingsProtocolServerSideTranslatorPB;
|
||||||
import org.apache.hadoop.hdfs.protocolPB.NamenodeProtocolPB;
|
import org.apache.hadoop.hdfs.protocolPB.NamenodeProtocolPB;
|
||||||
import org.apache.hadoop.hdfs.protocolPB.NamenodeProtocolServerSideTranslatorPB;
|
import org.apache.hadoop.hdfs.protocolPB.NamenodeProtocolServerSideTranslatorPB;
|
||||||
import org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolPB;
|
import org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolPB;
|
||||||
import org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolServerSideTranslatorPB;
|
import org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolServerSideTranslatorPB;
|
||||||
|
import org.apache.hadoop.hdfs.protocolPB.RefreshAuthorizationPolicyProtocolPB;
|
||||||
|
import org.apache.hadoop.hdfs.protocolPB.RefreshAuthorizationPolicyProtocolServerSideTranslatorPB;
|
||||||
|
import org.apache.hadoop.hdfs.protocolPB.RefreshUserMappingsProtocolPB;
|
||||||
|
import org.apache.hadoop.hdfs.protocolPB.RefreshUserMappingsProtocolServerSideTranslatorPB;
|
||||||
import org.apache.hadoop.hdfs.security.token.block.ExportedBlockKeys;
|
import org.apache.hadoop.hdfs.security.token.block.ExportedBlockKeys;
|
||||||
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
|
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
|
||||||
import org.apache.hadoop.hdfs.server.common.IncorrectVersionException;
|
import org.apache.hadoop.hdfs.server.common.IncorrectVersionException;
|
||||||
|
@ -96,7 +105,6 @@ import org.apache.hadoop.ipc.ProtocolSignature;
|
||||||
import org.apache.hadoop.ipc.RPC;
|
import org.apache.hadoop.ipc.RPC;
|
||||||
import org.apache.hadoop.ipc.Server;
|
import org.apache.hadoop.ipc.Server;
|
||||||
import org.apache.hadoop.ipc.WritableRpcEngine;
|
import org.apache.hadoop.ipc.WritableRpcEngine;
|
||||||
import org.apache.hadoop.ipc.RpcPayloadHeader.RpcKind;
|
|
||||||
import org.apache.hadoop.net.Node;
|
import org.apache.hadoop.net.Node;
|
||||||
import org.apache.hadoop.security.AccessControlException;
|
import org.apache.hadoop.security.AccessControlException;
|
||||||
import org.apache.hadoop.security.Groups;
|
import org.apache.hadoop.security.Groups;
|
||||||
|
@ -163,6 +171,21 @@ class NameNodeRpcServer implements NamenodeProtocols {
|
||||||
BlockingService NNPbService = NamenodeProtocolService
|
BlockingService NNPbService = NamenodeProtocolService
|
||||||
.newReflectiveBlockingService(namenodeProtocolXlator);
|
.newReflectiveBlockingService(namenodeProtocolXlator);
|
||||||
|
|
||||||
|
RefreshAuthorizationPolicyProtocolServerSideTranslatorPB refreshAuthPolicyXlator =
|
||||||
|
new RefreshAuthorizationPolicyProtocolServerSideTranslatorPB(this);
|
||||||
|
BlockingService refreshAuthService = RefreshAuthorizationPolicyProtocolService
|
||||||
|
.newReflectiveBlockingService(refreshAuthPolicyXlator);
|
||||||
|
|
||||||
|
RefreshUserMappingsProtocolServerSideTranslatorPB refreshUserMappingXlator =
|
||||||
|
new RefreshUserMappingsProtocolServerSideTranslatorPB(this);
|
||||||
|
BlockingService refreshUserMappingService = RefreshUserMappingsProtocolService
|
||||||
|
.newReflectiveBlockingService(refreshUserMappingXlator);
|
||||||
|
|
||||||
|
GetUserMappingsProtocolServerSideTranslatorPB getUserMappingXlator =
|
||||||
|
new GetUserMappingsProtocolServerSideTranslatorPB(this);
|
||||||
|
BlockingService getUserMappingService = GetUserMappingsProtocolService
|
||||||
|
.newReflectiveBlockingService(getUserMappingXlator);
|
||||||
|
|
||||||
WritableRpcEngine.ensureInitialized();
|
WritableRpcEngine.ensureInitialized();
|
||||||
|
|
||||||
InetSocketAddress dnSocketAddr = nn.getServiceRpcServerAddress(conf);
|
InetSocketAddress dnSocketAddr = nn.getServiceRpcServerAddress(conf);
|
||||||
|
@ -177,16 +200,16 @@ class NameNodeRpcServer implements NamenodeProtocols {
|
||||||
dnSocketAddr.getHostName(), dnSocketAddr.getPort(),
|
dnSocketAddr.getHostName(), dnSocketAddr.getPort(),
|
||||||
serviceHandlerCount,
|
serviceHandlerCount,
|
||||||
false, conf, namesystem.getDelegationTokenSecretManager());
|
false, conf, namesystem.getDelegationTokenSecretManager());
|
||||||
this.serviceRpcServer.addProtocol(RpcKind.RPC_WRITABLE,
|
|
||||||
RefreshAuthorizationPolicyProtocol.class, this);
|
|
||||||
this.serviceRpcServer.addProtocol(RpcKind.RPC_WRITABLE,
|
|
||||||
RefreshUserMappingsProtocol.class, this);
|
|
||||||
this.serviceRpcServer.addProtocol(RpcKind.RPC_WRITABLE,
|
|
||||||
GetUserMappingsProtocol.class, this);
|
|
||||||
DFSUtil.addPBProtocol(conf, NamenodeProtocolPB.class, NNPbService,
|
DFSUtil.addPBProtocol(conf, NamenodeProtocolPB.class, NNPbService,
|
||||||
serviceRpcServer);
|
serviceRpcServer);
|
||||||
DFSUtil.addPBProtocol(conf, DatanodeProtocolPB.class, dnProtoPbService,
|
DFSUtil.addPBProtocol(conf, DatanodeProtocolPB.class, dnProtoPbService,
|
||||||
serviceRpcServer);
|
serviceRpcServer);
|
||||||
|
DFSUtil.addPBProtocol(conf, RefreshAuthorizationPolicyProtocolPB.class,
|
||||||
|
refreshAuthService, serviceRpcServer);
|
||||||
|
DFSUtil.addPBProtocol(conf, RefreshUserMappingsProtocolPB.class,
|
||||||
|
refreshUserMappingService, serviceRpcServer);
|
||||||
|
DFSUtil.addPBProtocol(conf, GetUserMappingsProtocolPB.class,
|
||||||
|
getUserMappingService, serviceRpcServer);
|
||||||
|
|
||||||
this.serviceRPCAddress = this.serviceRpcServer.getListenerAddress();
|
this.serviceRPCAddress = this.serviceRpcServer.getListenerAddress();
|
||||||
nn.setRpcServiceServerAddress(conf, serviceRPCAddress);
|
nn.setRpcServiceServerAddress(conf, serviceRPCAddress);
|
||||||
|
@ -200,16 +223,16 @@ class NameNodeRpcServer implements NamenodeProtocols {
|
||||||
clientNNPbService, socAddr.getHostName(),
|
clientNNPbService, socAddr.getHostName(),
|
||||||
socAddr.getPort(), handlerCount, false, conf,
|
socAddr.getPort(), handlerCount, false, conf,
|
||||||
namesystem.getDelegationTokenSecretManager());
|
namesystem.getDelegationTokenSecretManager());
|
||||||
this.clientRpcServer.addProtocol(RpcKind.RPC_WRITABLE,
|
|
||||||
RefreshAuthorizationPolicyProtocol.class, this);
|
|
||||||
this.clientRpcServer.addProtocol(RpcKind.RPC_WRITABLE,
|
|
||||||
RefreshUserMappingsProtocol.class, this);
|
|
||||||
this.clientRpcServer.addProtocol(RpcKind.RPC_WRITABLE,
|
|
||||||
GetUserMappingsProtocol.class, this);
|
|
||||||
DFSUtil.addPBProtocol(conf, NamenodeProtocolPB.class, NNPbService,
|
DFSUtil.addPBProtocol(conf, NamenodeProtocolPB.class, NNPbService,
|
||||||
clientRpcServer);
|
clientRpcServer);
|
||||||
DFSUtil.addPBProtocol(conf, DatanodeProtocolPB.class, dnProtoPbService,
|
DFSUtil.addPBProtocol(conf, DatanodeProtocolPB.class, dnProtoPbService,
|
||||||
clientRpcServer);
|
clientRpcServer);
|
||||||
|
DFSUtil.addPBProtocol(conf, RefreshAuthorizationPolicyProtocolPB.class,
|
||||||
|
refreshAuthService, clientRpcServer);
|
||||||
|
DFSUtil.addPBProtocol(conf, RefreshUserMappingsProtocolPB.class,
|
||||||
|
refreshUserMappingService, clientRpcServer);
|
||||||
|
DFSUtil.addPBProtocol(conf, GetUserMappingsProtocolPB.class,
|
||||||
|
getUserMappingService, clientRpcServer);
|
||||||
|
|
||||||
// set service-level authorization security policy
|
// set service-level authorization security policy
|
||||||
if (serviceAuthEnabled =
|
if (serviceAuthEnabled =
|
||||||
|
|
|
@ -43,14 +43,14 @@ import org.apache.hadoop.hdfs.protocol.DatanodeInfo;
|
||||||
import org.apache.hadoop.hdfs.protocol.HdfsConstants;
|
import org.apache.hadoop.hdfs.protocol.HdfsConstants;
|
||||||
import org.apache.hadoop.hdfs.protocol.HdfsConstants.DatanodeReportType;
|
import org.apache.hadoop.hdfs.protocol.HdfsConstants.DatanodeReportType;
|
||||||
import org.apache.hadoop.hdfs.protocol.HdfsConstants.UpgradeAction;
|
import org.apache.hadoop.hdfs.protocol.HdfsConstants.UpgradeAction;
|
||||||
|
import org.apache.hadoop.hdfs.protocolPB.RefreshAuthorizationPolicyProtocolClientSideTranslatorPB;
|
||||||
|
import org.apache.hadoop.hdfs.protocolPB.RefreshUserMappingsProtocolClientSideTranslatorPB;
|
||||||
import org.apache.hadoop.hdfs.server.common.UpgradeStatusReport;
|
import org.apache.hadoop.hdfs.server.common.UpgradeStatusReport;
|
||||||
import org.apache.hadoop.hdfs.server.namenode.NameNode;
|
import org.apache.hadoop.hdfs.server.namenode.NameNode;
|
||||||
import org.apache.hadoop.ipc.RPC;
|
import org.apache.hadoop.ipc.RPC;
|
||||||
import org.apache.hadoop.ipc.RemoteException;
|
import org.apache.hadoop.ipc.RemoteException;
|
||||||
import org.apache.hadoop.net.NetUtils;
|
import org.apache.hadoop.net.NetUtils;
|
||||||
import org.apache.hadoop.security.RefreshUserMappingsProtocol;
|
|
||||||
import org.apache.hadoop.security.UserGroupInformation;
|
import org.apache.hadoop.security.UserGroupInformation;
|
||||||
import org.apache.hadoop.security.authorize.RefreshAuthorizationPolicyProtocol;
|
|
||||||
import org.apache.hadoop.util.StringUtils;
|
import org.apache.hadoop.util.StringUtils;
|
||||||
import org.apache.hadoop.util.ToolRunner;
|
import org.apache.hadoop.util.ToolRunner;
|
||||||
|
|
||||||
|
@ -791,13 +791,9 @@ public class DFSAdmin extends FsShell {
|
||||||
conf.get(DFSConfigKeys.DFS_NAMENODE_USER_NAME_KEY, ""));
|
conf.get(DFSConfigKeys.DFS_NAMENODE_USER_NAME_KEY, ""));
|
||||||
|
|
||||||
// Create the client
|
// Create the client
|
||||||
RefreshAuthorizationPolicyProtocol refreshProtocol =
|
RefreshAuthorizationPolicyProtocolClientSideTranslatorPB refreshProtocol =
|
||||||
(RefreshAuthorizationPolicyProtocol)
|
new RefreshAuthorizationPolicyProtocolClientSideTranslatorPB(
|
||||||
RPC.getProxy(RefreshAuthorizationPolicyProtocol.class,
|
NameNode.getAddress(conf), getUGI(), conf);
|
||||||
RefreshAuthorizationPolicyProtocol.versionID,
|
|
||||||
NameNode.getAddress(conf), getUGI(), conf,
|
|
||||||
NetUtils.getSocketFactory(conf,
|
|
||||||
RefreshAuthorizationPolicyProtocol.class));
|
|
||||||
|
|
||||||
// Refresh the authorization policy in-effect
|
// Refresh the authorization policy in-effect
|
||||||
refreshProtocol.refreshServiceAcl();
|
refreshProtocol.refreshServiceAcl();
|
||||||
|
@ -821,13 +817,9 @@ public class DFSAdmin extends FsShell {
|
||||||
conf.get(DFSConfigKeys.DFS_NAMENODE_USER_NAME_KEY, ""));
|
conf.get(DFSConfigKeys.DFS_NAMENODE_USER_NAME_KEY, ""));
|
||||||
|
|
||||||
// Create the client
|
// Create the client
|
||||||
RefreshUserMappingsProtocol refreshProtocol =
|
RefreshUserMappingsProtocolClientSideTranslatorPB refreshProtocol =
|
||||||
(RefreshUserMappingsProtocol)
|
new RefreshUserMappingsProtocolClientSideTranslatorPB(
|
||||||
RPC.getProxy(RefreshUserMappingsProtocol.class,
|
NameNode.getAddress(conf), getUGI(), conf);
|
||||||
RefreshUserMappingsProtocol.versionID,
|
|
||||||
NameNode.getAddress(conf), getUGI(), conf,
|
|
||||||
NetUtils.getSocketFactory(conf,
|
|
||||||
RefreshUserMappingsProtocol.class));
|
|
||||||
|
|
||||||
// Refresh the user-to-groups mappings
|
// Refresh the user-to-groups mappings
|
||||||
refreshProtocol.refreshUserToGroupsMappings();
|
refreshProtocol.refreshUserToGroupsMappings();
|
||||||
|
@ -852,13 +844,9 @@ public class DFSAdmin extends FsShell {
|
||||||
conf.get(DFSConfigKeys.DFS_NAMENODE_USER_NAME_KEY, ""));
|
conf.get(DFSConfigKeys.DFS_NAMENODE_USER_NAME_KEY, ""));
|
||||||
|
|
||||||
// Create the client
|
// Create the client
|
||||||
RefreshUserMappingsProtocol refreshProtocol =
|
RefreshUserMappingsProtocolClientSideTranslatorPB refreshProtocol =
|
||||||
(RefreshUserMappingsProtocol)
|
new RefreshUserMappingsProtocolClientSideTranslatorPB(
|
||||||
RPC.getProxy(RefreshUserMappingsProtocol.class,
|
NameNode.getAddress(conf), getUGI(), conf);
|
||||||
RefreshUserMappingsProtocol.versionID,
|
|
||||||
NameNode.getAddress(conf), getUGI(), conf,
|
|
||||||
NetUtils.getSocketFactory(conf,
|
|
||||||
RefreshUserMappingsProtocol.class));
|
|
||||||
|
|
||||||
// Refresh the user-to-groups mappings
|
// Refresh the user-to-groups mappings
|
||||||
refreshProtocol.refreshSuperUserGroupsConfiguration();
|
refreshProtocol.refreshSuperUserGroupsConfiguration();
|
||||||
|
|
|
@ -23,8 +23,11 @@ import java.net.InetSocketAddress;
|
||||||
|
|
||||||
import org.apache.hadoop.conf.Configuration;
|
import org.apache.hadoop.conf.Configuration;
|
||||||
import org.apache.hadoop.hdfs.HdfsConfiguration;
|
import org.apache.hadoop.hdfs.HdfsConfiguration;
|
||||||
|
import org.apache.hadoop.hdfs.protocolPB.GetUserMappingsProtocolClientSideTranslatorPB;
|
||||||
import org.apache.hadoop.hdfs.server.namenode.NameNode;
|
import org.apache.hadoop.hdfs.server.namenode.NameNode;
|
||||||
|
import org.apache.hadoop.security.UserGroupInformation;
|
||||||
import org.apache.hadoop.tools.GetGroupsBase;
|
import org.apache.hadoop.tools.GetGroupsBase;
|
||||||
|
import org.apache.hadoop.tools.GetUserMappingsProtocol;
|
||||||
import org.apache.hadoop.util.ToolRunner;
|
import org.apache.hadoop.util.ToolRunner;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -52,6 +55,13 @@ public class GetGroups extends GetGroupsBase {
|
||||||
return NameNode.getAddress(conf);
|
return NameNode.getAddress(conf);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected GetUserMappingsProtocol getUgmProtocol() throws IOException {
|
||||||
|
return new GetUserMappingsProtocolClientSideTranslatorPB(
|
||||||
|
NameNode.getAddress(getConf()), UserGroupInformation.getCurrentUser(),
|
||||||
|
getConf());
|
||||||
|
}
|
||||||
|
|
||||||
public static void main(String[] argv) throws Exception {
|
public static void main(String[] argv) throws Exception {
|
||||||
int res = ToolRunner.run(new GetGroups(new HdfsConfiguration()), argv);
|
int res = ToolRunner.run(new GetGroups(new HdfsConfiguration()), argv);
|
||||||
System.exit(res);
|
System.exit(res);
|
||||||
|
|
|
@ -0,0 +1,49 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
option java_package = "org.apache.hadoop.hdfs.protocol.proto";
|
||||||
|
option java_outer_classname = "GetUserMappingsProtocolProtos";
|
||||||
|
option java_generic_services = true;
|
||||||
|
option java_generate_equals_and_hash = true;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get groups for user request.
|
||||||
|
*/
|
||||||
|
message GetGroupsForUserRequestProto {
|
||||||
|
required string user = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Response for get groups.
|
||||||
|
*/
|
||||||
|
message GetGroupsForUserResponseProto {
|
||||||
|
repeated string groups = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Protocol implemented by the Name Node and Job Tracker which maps users to
|
||||||
|
* groups.
|
||||||
|
*/
|
||||||
|
service GetUserMappingsProtocolService {
|
||||||
|
/**
|
||||||
|
* Get the groups which are mapped to the given user.
|
||||||
|
*/
|
||||||
|
rpc getGroupsForUser(GetGroupsForUserRequestProto)
|
||||||
|
returns(GetGroupsForUserResponseProto);
|
||||||
|
}
|
|
@ -0,0 +1,45 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
option java_package = "org.apache.hadoop.hdfs.protocol.proto";
|
||||||
|
option java_outer_classname = "RefreshAuthorizationPolicyProtocolProtos";
|
||||||
|
option java_generic_services = true;
|
||||||
|
option java_generate_equals_and_hash = true;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Refresh service acl request.
|
||||||
|
*/
|
||||||
|
message RefreshServiceAclRequestProto {
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* void response
|
||||||
|
*/
|
||||||
|
message RefreshServiceAclResponseProto {
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Protocol which is used to refresh the authorization policy in use currently.
|
||||||
|
*/
|
||||||
|
service RefreshAuthorizationPolicyProtocolService {
|
||||||
|
/**
|
||||||
|
* Refresh the service-level authorization policy in-effect.
|
||||||
|
*/
|
||||||
|
rpc refreshServiceAcl(RefreshServiceAclRequestProto)
|
||||||
|
returns(RefreshServiceAclResponseProto);
|
||||||
|
}
|
|
@ -0,0 +1,63 @@
|
||||||
|
/**
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
option java_package = "org.apache.hadoop.hdfs.protocol.proto";
|
||||||
|
option java_outer_classname = "RefreshUserMappingsProtocolProtos";
|
||||||
|
option java_generic_services = true;
|
||||||
|
option java_generate_equals_and_hash = true;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Refresh user to group mappings request.
|
||||||
|
*/
|
||||||
|
message RefreshUserToGroupsMappingsRequestProto {
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* void response
|
||||||
|
*/
|
||||||
|
message RefreshUserToGroupsMappingsResponseProto {
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Refresh superuser configuration request.
|
||||||
|
*/
|
||||||
|
message RefreshSuperUserGroupsConfigurationRequestProto {
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* void response
|
||||||
|
*/
|
||||||
|
message RefreshSuperUserGroupsConfigurationResponseProto {
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Protocol to refresh the user mappings.
|
||||||
|
*/
|
||||||
|
service RefreshUserMappingsProtocolService {
|
||||||
|
/**
|
||||||
|
* Refresh user to group mappings.
|
||||||
|
*/
|
||||||
|
rpc refreshUserToGroupsMappings(RefreshUserToGroupsMappingsRequestProto)
|
||||||
|
returns(RefreshUserToGroupsMappingsResponseProto);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Refresh superuser proxy group list.
|
||||||
|
*/
|
||||||
|
rpc refreshSuperUserGroupsConfiguration(RefreshSuperUserGroupsConfigurationRequestProto)
|
||||||
|
returns(RefreshSuperUserGroupsConfigurationResponseProto);
|
||||||
|
}
|
Loading…
Reference in New Issue