Search in sources :

Example 1 with HetuFileSystemClient

use of io.prestosql.spi.filesystem.HetuFileSystemClient in project hetu-core by openlookeng.

the class KeystoreSecurityKeyManager method createAndSaveKeystore.

private void createAndSaveKeystore(char[] key, String catalogName) throws SecurityKeyException {
    Path keystorPath = Paths.get(config.getFileStorePath());
    byte[] keyBytes = Base64.getEncoder().encode(new String(key).getBytes(Charset.forName(UTF_8)));
    SecretKey secretKey = new SecretKeySpec(keyBytes, 0, keyBytes.length, "AES");
    InputStream inputStream = null;
    OutputStream outputStream = null;
    try (HetuFileSystemClient hetuFileSystemClient = fileSystemClientManager.getFileSystemClient(config.getShareFileSystemProfile(), Paths.get("/"))) {
        boolean isStoreFileExists = hetuFileSystemClient.exists(keystorPath);
        KeyStore keyStore = KeyStore.getInstance(PKCS12);
        if (isStoreFileExists) {
            inputStream = hetuFileSystemClient.newInputStream(keystorPath);
            keyStore.load(inputStream, config.getKeystorePassword().toCharArray());
        } else {
            keyStore.load(null, null);
        }
        keyStore.setEntry(catalogName, new KeyStore.SecretKeyEntry(secretKey), new KeyStore.PasswordProtection(config.getKeystorePassword().toCharArray()));
        outputStream = hetuFileSystemClient.newOutputStream(keystorPath);
        keyStore.store(outputStream, config.getKeystorePassword().toCharArray());
        LOG.info("success to save the key for catalog[%s]..", catalogName);
    } catch (KeyStoreException e) {
        LOG.error("something wrong when use KeyStore: %s", e.getMessage());
        throw new SecurityKeyException("something wrong when use KeyStore");
    } catch (NoSuchAlgorithmException e) {
        throw new SecurityKeyException("not exists 'RSA' algorithm");
    } catch (CertificateException e) {
        LOG.error("certification is error: %s", e.getMessage());
        throw new SecurityKeyException("certification is error");
    } catch (IOException e) {
        LOG.error("error in I/O: create file failed,cause by: %s", e.getMessage());
        throw new SecurityKeyException("error in I/O: create file failed.");
    } finally {
        IOUtil.close(inputStream);
        IOUtil.close(outputStream);
    }
}
Also used : Path(java.nio.file.Path) InputStream(java.io.InputStream) OutputStream(java.io.OutputStream) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) KeyStore(java.security.KeyStore) SecurityKeyException(io.prestosql.spi.security.SecurityKeyException) HetuFileSystemClient(io.prestosql.spi.filesystem.HetuFileSystemClient) SecretKey(javax.crypto.SecretKey) SecretKeySpec(javax.crypto.spec.SecretKeySpec)

Example 2 with HetuFileSystemClient

use of io.prestosql.spi.filesystem.HetuFileSystemClient in project hetu-core by openlookeng.

the class KeystoreSecurityKeyManager method loadKey.

private synchronized char[] loadKey(String catalogName) throws SecurityKeyException {
    Path keystorePath = Paths.get(config.getFileStorePath());
    char[] keyStr = null;
    try (HetuFileSystemClient hetuFileSystemClient = fileSystemClientManager.getFileSystemClient(config.getShareFileSystemProfile(), Paths.get("/"));
        InputStream inputStream = hetuFileSystemClient.newInputStream(keystorePath)) {
        KeyStore keyStore = KeyStore.getInstance(PKCS12);
        keyStore.load(inputStream, config.getKeystorePassword().toCharArray());
        Key key = keyStore.getKey(catalogName, config.getKeystorePassword().toCharArray());
        if (key != null) {
            if (key instanceof SecretKey) {
                keyStr = new String(Base64.getDecoder().decode(key.getEncoded()), Charset.forName(UTF_8)).toCharArray();
                LOG.info("success to load dynamic catalog key for catalog[%s]...", catalogName);
            } else if (key instanceof RSAPrivateKey) {
                keyStr = new String(Base64.getEncoder().encode(key.getEncoded()), Charset.forName(UTF_8)).toCharArray();
                LOG.info("success to load static catalog key for catalog[%s]...", catalogName);
            }
        }
    } catch (KeyStoreException e) {
        LOG.error("something wrong when use KeyStore: %s", e.getMessage());
        throw new SecurityKeyException("something wrong when use KeyStore");
    } catch (NoSuchAlgorithmException e) {
        throw new SecurityKeyException("not exists 'AES' algorithm");
    } catch (CertificateException e) {
        LOG.error("certification is error: %s", e.getMessage());
        throw new SecurityKeyException("certification is error");
    } catch (UnrecoverableKeyException e) {
        LOG.error("not found the key for catalog[%s]: %s", catalogName, e.getMessage());
        throw new SecurityKeyException(format("not found the key for catalog[%s]", catalogName));
    } catch (IOException e) {
        LOG.error("error happened when load key from keystore  %s", e.getMessage());
        throw new SecurityKeyException("error happened when load key from keystore");
    }
    return keyStr;
}
Also used : Path(java.nio.file.Path) InputStream(java.io.InputStream) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) KeyStore(java.security.KeyStore) SecurityKeyException(io.prestosql.spi.security.SecurityKeyException) HetuFileSystemClient(io.prestosql.spi.filesystem.HetuFileSystemClient) SecretKey(javax.crypto.SecretKey) UnrecoverableKeyException(java.security.UnrecoverableKeyException) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) Key(java.security.Key) SecretKey(javax.crypto.SecretKey)

Example 3 with HetuFileSystemClient

use of io.prestosql.spi.filesystem.HetuFileSystemClient in project hetu-core by openlookeng.

the class KeystoreSecurityKeyManager method createStoreDirIfNotExists.

private void createStoreDirIfNotExists() {
    String file = config.getFileStorePath();
    try (HetuFileSystemClient hetuFileSystemClient = fileSystemClientManager.getFileSystemClient(config.getShareFileSystemProfile(), Paths.get("/"))) {
        int lastIndex = file.lastIndexOf(File.separator);
        String tmpFileDir = file.substring(0, lastIndex);
        if (hetuFileSystemClient.exists(Paths.get(tmpFileDir))) {
            return;
        }
        hetuFileSystemClient.createDirectories(Paths.get(tmpFileDir));
        LOG.info("success to create the store directories...");
    } catch (IOException e) {
        LOG.error("fail to create the store directories: %s", e.getMessage());
        throw new RuntimeException("fail to create the store directories.");
    }
}
Also used : HetuFileSystemClient(io.prestosql.spi.filesystem.HetuFileSystemClient) IOException(java.io.IOException)

Example 4 with HetuFileSystemClient

use of io.prestosql.spi.filesystem.HetuFileSystemClient in project hetu-core by openlookeng.

the class TestHetuFileSystemClientFactory method testCreateHdfsFS.

/**
 * Test creating HetuHdfsFileSystemClient
 *
 * @throws IOException
 */
@Test
public void testCreateHdfsFS() throws IOException {
    HetuFileSystemClientFactory factory = new HdfsFileSystemClientFactory();
    Properties properties = new Properties();
    properties.setProperty("fs.client.type", "hdfs");
    properties.setProperty("hdfs.config.resources", getResourcePath("docker_config/core-site.xml") + "," + getResourcePath("docker_config/hdfs-site.xml"));
    properties.setProperty("hdfs.authentication.type", "KERBEROS");
    properties.setProperty("hdfs.krb5.conf.path", getResourcePath("docker_config/docker_krb5.conf"));
    properties.setProperty("hdfs.krb5.keytab.path", getResourcePath("docker_config/user.keytab"));
    properties.setProperty("hdfs.krb5.principal", "user@HADOOP.COM");
    try (HetuFileSystemClient fs = factory.getFileSystemClient((properties), Paths.get("/"))) {
        assertSame(fs.getClass(), HetuHdfsFileSystemClient.class);
    }
}
Also used : HetuFileSystemClient(io.prestosql.spi.filesystem.HetuFileSystemClient) HetuFileSystemClientFactory(io.prestosql.spi.filesystem.HetuFileSystemClientFactory) Properties(java.util.Properties) Test(org.testng.annotations.Test)

Example 5 with HetuFileSystemClient

use of io.prestosql.spi.filesystem.HetuFileSystemClient in project hetu-core by openlookeng.

the class HetuMetaStoreManager method loadHetuMetastore.

public void loadHetuMetastore(FileSystemClientManager fileSystemClientManager, Map<String, String> config) throws IOException {
    // create hetu metastore
    hetuMetastoreType = config.getOrDefault(HETU_METASTORE_TYPE_PROPERTY_NAME, HETU_METASTORE_TYPE_DEFAULT_VALUE);
    metaCacheType = config.getOrDefault(HETU_METASTORE_CACHE_TYPE, HETU_METASTORE_CACHE_TYPE_DEFAULT);
    config.remove(HETU_METASTORE_TYPE_PROPERTY_NAME);
    config.remove(HETU_METASTORE_CACHE_TYPE);
    HetuMetaStoreFactory hetuMetaStoreFactory = hetuMetastoreFactories.get(hetuMetastoreType);
    checkState(hetuMetaStoreFactory != null, "hetuMetaStoreFactory %s is not registered", hetuMetaStoreFactory);
    try (ThreadContextClassLoader ignored = new ThreadContextClassLoader(HetuMetaStoreFactory.class.getClassLoader())) {
        HetuFileSystemClient client = null;
        if (HETU_METASTORE_TYPE_HETU_FILE_SYSTEM.equals(hetuMetastoreType)) {
            String profileName = config.get(HETU_METASTORE_HETU_FILE_SYSTEM_PROFILE_NAME);
            client = fileSystemClientManager.getFileSystemClient(profileName, Paths.get("/"));
        }
        if (stateStoreProvider == null) {
            stateStore = null;
            LOG.info("-- stateStore is null --");
        } else {
            stateStore = stateStoreProvider.getStateStore();
        }
        hetuMetastore = hetuMetaStoreFactory.create(hetuMetastoreType, ImmutableMap.copyOf(config), client, stateStore, metaCacheType);
    }
    LOG.info("-- Loaded Hetu Metastore %s --", hetuMetastoreType);
}
Also used : HetuFileSystemClient(io.prestosql.spi.filesystem.HetuFileSystemClient) HetuMetaStoreFactory(io.prestosql.spi.metastore.HetuMetaStoreFactory) ThreadContextClassLoader(io.prestosql.spi.classloader.ThreadContextClassLoader)

Aggregations

HetuFileSystemClient (io.prestosql.spi.filesystem.HetuFileSystemClient)16 IOException (java.io.IOException)7 Path (java.nio.file.Path)7 Properties (java.util.Properties)6 Test (org.testng.annotations.Test)6 InputStream (java.io.InputStream)5 OutputStream (java.io.OutputStream)5 ArrayList (java.util.ArrayList)4 CreateIndexMetadata (io.prestosql.spi.connector.CreateIndexMetadata)3 SecurityKeyException (io.prestosql.spi.security.SecurityKeyException)3 KeyStore (java.security.KeyStore)3 KeyStoreException (java.security.KeyStoreException)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3 CertificateException (java.security.cert.CertificateException)3 Stopwatch (com.google.common.base.Stopwatch)2 HetuFileSystemClientFactory (io.prestosql.spi.filesystem.HetuFileSystemClientFactory)2 Pair (io.prestosql.spi.heuristicindex.Pair)2 ObjectInputStream (java.io.ObjectInputStream)2 ObjectOutputStream (java.io.ObjectOutputStream)2 SecretKey (javax.crypto.SecretKey)2