Example 1 with BaseConfig
use of com.dtstack.taier.base.BaseConfig in project Taier by DTStack.
the class AbstractConnFactory method init.
public void init(Properties properties) throws ClassNotFoundException {
synchronized (AbstractConnFactory.class) {
if (isFirstLoaded.get()) {
Class.forName(driverName);
isFirstLoaded.set(false);
}
}
jdbcUrl = MathUtil.getString(properties.get(ConfigConstant.JDBCURL));
username = MathUtil.getString(properties.get(ConfigConstant.USERNAME));
password = MathUtil.getString(properties.get(ConfigConstant.PASSWORD));
Preconditions.checkNotNull(jdbcUrl, "db url can't be null");
try {
String propStr = PublicUtil.objToString(properties);
baseConfig = PublicUtil.jsonStrToObject(propStr, BaseConfig.class);
// 非kerberos 不进行yarnConf初始化
if (baseConfig.isOpenKerberos() && null != properties.get("yarnConf")) {
Map<String, Object> yarnMap = (Map<String, Object>) properties.get("yarnConf");
yarnConf = KerberosUtils.convertMapConfToConfiguration(yarnMap);
}
testConn();
} catch (Exception e) {
throw new PluginDefineException("get conn exception:" + e.toString());
}
}
Also used :
PluginDefineException(com.dtstack.taier.pluginapi.exception.PluginDefineException)
BaseConfig(com.dtstack.taier.base.BaseConfig)
SQLException(java.sql.SQLException)
PluginDefineException(com.dtstack.taier.pluginapi.exception.PluginDefineException)
Example 2 with BaseConfig
use of com.dtstack.taier.base.BaseConfig in project Taier by DTStack.
the class KerberosUtils method login.
/**
* 重载login方法 ,增加IsCreateNewUGI 来检查是否重新create ugi
* @param config
* @param supplier
* @param configuration
* @param isCreateNewUGI
* @param <T>
* @return
* @throws Exception
*/
public static <T> T login(BaseConfig config, Supplier<T> supplier, Configuration configuration, boolean isCreateNewUGI) throws Exception {
if (Objects.isNull(config) || !config.isOpenKerberos()) {
return supplier.get();
}
String fileName = config.getPrincipalFile();
String remoteDir = config.getRemoteDir();
String localDir = ConfigConstant.LOCAL_KEYTAB_DIR_PARENT + remoteDir;
String finalKrb5ConfPath;
String finalPrincipal;
String finalKeytabPath;
String threadName;
Boolean isMergeKrb5;
File localDirPath = new File(localDir);
if (!localDirPath.exists()) {
localDirPath.mkdirs();
}
logger.info("fileName:{}, remoteDir:{}, localDir:{}, sftpConf:{}", fileName, remoteDir, localDir, config.getSftpConf());
try {
UserGroupInformation ugi;
String segmentName = segment.computeIfAbsent(remoteDir, key -> {
return new String(remoteDir);
});
synchronized (segmentName) {
String keytabPath = "";
String krb5ConfPath = "";
String krb5ConfName = config.getKrbName();
isMergeKrb5 = StringUtils.isNotEmpty(config.getMergeKrbContent());
// 本地文件是否和服务器时间一致 一致使用本地缓存
boolean isOverrideDownLoad = checkLocalCache(config.getKerberosFileTimestamp(), localDirPath);
if (isOverrideDownLoad) {
SftpFileManage sftpFileManage = SftpFileManage.getSftpManager(config.getSftpConf());
keytabPath = sftpFileManage.cacheOverloadFile(fileName, remoteDir, localDir);
krb5ConfPath = sftpFileManage.cacheOverloadFile(krb5ConfName, config.getRemoteDir(), localDir);
if (isMergeKrb5) {
krb5ConfPath = localDir + ConfigConstant.SP + ConfigConstant.MERGE_KRB5_NAME;
Files.write(Paths.get(krb5ConfPath), Collections.singleton(config.getMergeKrbContent()));
}
writeTimeLockFile(config.getKerberosFileTimestamp(), localDir);
} else {
keytabPath = localDir + File.separator + fileName;
if (isMergeKrb5) {
krb5ConfPath = localDir + ConfigConstant.SP + ConfigConstant.MERGE_KRB5_NAME;
} else {
krb5ConfPath = localDir + ConfigConstant.SP + krb5ConfName;
}
}
finalKrb5ConfPath = krb5ConfPath;
finalKeytabPath = keytabPath;
threadName = Thread.currentThread().getName();
String principal = config.getPrincipal();
if (StringUtils.isEmpty(principal)) {
principal = segment.computeIfAbsent(threadName, k -> {
return KerberosUtils.getPrincipal(finalKeytabPath);
});
}
finalPrincipal = principal;
logger.info("kerberos login, principal:{}, keytabPath:{}, krb5ConfPath:{}", principal, keytabPath, krb5ConfPath);
/*
* 如果用已经带有token的ugi进行认证时,在HDFS DELEGATION TOKEN那里会出现认证错误
* 如果是SPARK 在这里先每次创建UGI进行避开
*/
if (isCreateNewUGI) {
ugi = retryCreateUGIIfMerge(finalKrb5ConfPath, configuration, finalPrincipal, finalKeytabPath, config.getKrbName(), isMergeKrb5);
} else {
ugi = ugiMap.computeIfAbsent(threadName, k -> retryCreateUGIIfMerge(finalKrb5ConfPath, configuration, finalPrincipal, finalKeytabPath, config.getKrbName(), isMergeKrb5));
}
KerberosTicket ticket = getTGT(ugi);
if (!checkTGT(ticket) || isOverrideDownLoad) {
logger.info("Relogin after the ticket expired, principal: {}, current thread: {}", principal, Thread.currentThread().getName());
ugi = retryCreateUGIIfMerge(finalKrb5ConfPath, configuration, finalPrincipal, finalKeytabPath, config.getKrbName(), isMergeKrb5);
if (!isCreateNewUGI) {
ugiMap.put(threadName, ugi);
}
}
logger.info("userGroupInformation current user = {} ugi user = {} ", UserGroupInformation.getCurrentUser(), ugi.getUserName());
}
Preconditions.checkNotNull(ugi, "UserGroupInformation is null");
return KerberosUtils.retryLoginKerberosWithCallBack(ugi, supplier, finalKrb5ConfPath, configuration, finalPrincipal, finalKeytabPath, threadName, config.getKrbName(), isMergeKrb5);
} catch (Exception e) {
throw new PluginDefineException(e.getMessage());
}
}
Also used :
java.util(java.util)
SftpFileManage(com.dtstack.taier.pluginapi.sftp.SftpFileManage)
LoggerFactory(org.slf4j.LoggerFactory)
StringUtils(org.apache.commons.lang3.StringUtils)
Supplier(java.util.function.Supplier)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Configuration(org.apache.hadoop.conf.Configuration)
Keytab(org.apache.kerby.kerberos.kerb.keytab.Keytab)
Logger(org.slf4j.Logger)
MapUtils(org.apache.commons.collections.MapUtils)
Files(java.nio.file.Files)
KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal)
Timestamp(java.sql.Timestamp)
HadoopKerberosName(org.apache.hadoop.security.HadoopKerberosName)
KerberosTicket(javax.security.auth.kerberos.KerberosTicket)
Field(java.lang.reflect.Field)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
Maps(com.google.common.collect.Maps)
Subject(javax.security.auth.Subject)
java.io(java.io)
Paths(java.nio.file.Paths)
ConfigConstant(com.dtstack.taier.pluginapi.constrant.ConfigConstant)
Time(org.apache.hadoop.util.Time)
Preconditions(com.google.common.base.Preconditions)
BaseConfig(com.dtstack.taier.base.BaseConfig)
PluginDefineException(com.dtstack.taier.pluginapi.exception.PluginDefineException)
PrincipalName(org.apache.kerby.kerberos.kerb.type.base.PrincipalName)
SftpFileManage(com.dtstack.taier.pluginapi.sftp.SftpFileManage)
KerberosTicket(javax.security.auth.kerberos.KerberosTicket)
PluginDefineException(com.dtstack.taier.pluginapi.exception.PluginDefineException)
PluginDefineException(com.dtstack.taier.pluginapi.exception.PluginDefineException)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Aggregations
BaseConfig (com.dtstack.taier.base.BaseConfig)2
PluginDefineException (com.dtstack.taier.pluginapi.exception.PluginDefineException)2
ConfigConstant (com.dtstack.taier.pluginapi.constrant.ConfigConstant)1
SftpFileManage (com.dtstack.taier.pluginapi.sftp.SftpFileManage)1
Preconditions (com.google.common.base.Preconditions)1
Maps (com.google.common.collect.Maps)1
java.io (java.io)1
Field (java.lang.reflect.Field)1
Files (java.nio.file.Files)1
Paths (java.nio.file.Paths)1
PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)1
SQLException (java.sql.SQLException)1
Timestamp (java.sql.Timestamp)1
java.util (java.util)1
Supplier (java.util.function.Supplier)1
Subject (javax.security.auth.Subject)1
KerberosPrincipal (javax.security.auth.kerberos.KerberosPrincipal)1
KerberosTicket (javax.security.auth.kerberos.KerberosTicket)1
MapUtils (org.apache.commons.collections.MapUtils)1
StringUtils (org.apache.commons.lang3.StringUtils)1
