Example 26 with IZooReaderWriter
use of org.apache.accumulo.fate.zookeeper.IZooReaderWriter in project accumulo by apache.
the class ZKPermHandler method initUser.
@Override
public void initUser(String user) throws AccumuloSecurityException {
IZooReaderWriter zoo = ZooReaderWriter.getInstance();
try {
zoo.putPersistentData(ZKUserPath + "/" + user, new byte[0], NodeExistsPolicy.SKIP);
zoo.putPersistentData(ZKUserPath + "/" + user + ZKUserTablePerms, new byte[0], NodeExistsPolicy.SKIP);
zoo.putPersistentData(ZKUserPath + "/" + user + ZKUserNamespacePerms, new byte[0], NodeExistsPolicy.SKIP);
} catch (KeeperException e) {
log.error("{}", e.getMessage(), e);
throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
} catch (InterruptedException e) {
log.error("{}", e.getMessage(), e);
throw new RuntimeException(e);
}
}
Also used :
IZooReaderWriter(org.apache.accumulo.fate.zookeeper.IZooReaderWriter)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
KeeperException(org.apache.zookeeper.KeeperException)
Example 27 with IZooReaderWriter
use of org.apache.accumulo.fate.zookeeper.IZooReaderWriter in project accumulo by apache.
the class ChangeSecret method rewriteZooKeeperInstance.
private static void rewriteZooKeeperInstance(final Instance inst, final String newInstanceId, String oldPass, String newPass) throws Exception {
final ZooReaderWriter orig = new ZooReaderWriter(inst.getZooKeepers(), inst.getZooKeepersSessionTimeOut(), oldPass);
final IZooReaderWriter new_ = new ZooReaderWriter(inst.getZooKeepers(), inst.getZooKeepersSessionTimeOut(), newPass);
String root = ZooUtil.getRoot(inst);
recurse(orig, root, new Visitor() {
@Override
public void visit(ZooReader zoo, String path) throws Exception {
String newPath = path.replace(inst.getInstanceID(), newInstanceId);
byte[] data = zoo.getData(path, null);
List<ACL> acls = orig.getZooKeeper().getACL(path, new Stat());
if (acls.containsAll(Ids.READ_ACL_UNSAFE)) {
new_.putPersistentData(newPath, data, NodeExistsPolicy.FAIL);
} else {
// upgrade
if (acls.containsAll(Ids.OPEN_ACL_UNSAFE)) {
// make user nodes private, they contain the user's password
String[] parts = path.split("/");
if (parts[parts.length - 2].equals("users")) {
new_.putPrivatePersistentData(newPath, data, NodeExistsPolicy.FAIL);
} else {
// everything else can have the readable acl
new_.putPersistentData(newPath, data, NodeExistsPolicy.FAIL);
}
} else {
new_.putPrivatePersistentData(newPath, data, NodeExistsPolicy.FAIL);
}
}
}
});
String path = "/accumulo/instances/" + inst.getInstanceName();
orig.recursiveDelete(path, NodeMissingPolicy.SKIP);
new_.putPersistentData(path, newInstanceId.getBytes(UTF_8), NodeExistsPolicy.OVERWRITE);
}
Also used :
ZooReader(org.apache.accumulo.fate.zookeeper.ZooReader)
Stat(org.apache.zookeeper.data.Stat)
IZooReaderWriter(org.apache.accumulo.fate.zookeeper.IZooReaderWriter)
ZooReaderWriter(org.apache.accumulo.server.zookeeper.ZooReaderWriter)
IZooReaderWriter(org.apache.accumulo.fate.zookeeper.IZooReaderWriter)
ArrayList(java.util.ArrayList)
List(java.util.List)
IOException(java.io.IOException)
Example 28 with IZooReaderWriter
use of org.apache.accumulo.fate.zookeeper.IZooReaderWriter in project accumulo by apache.
the class ChangeSecret method deleteInstance.
private static void deleteInstance(Instance origInstance, String oldPass) throws Exception {
IZooReaderWriter orig = new ZooReaderWriter(origInstance.getZooKeepers(), origInstance.getZooKeepersSessionTimeOut(), oldPass);
orig.recursiveDelete("/accumulo/" + origInstance.getInstanceID(), NodeMissingPolicy.SKIP);
}
Also used :
IZooReaderWriter(org.apache.accumulo.fate.zookeeper.IZooReaderWriter)
ZooReaderWriter(org.apache.accumulo.server.zookeeper.ZooReaderWriter)
IZooReaderWriter(org.apache.accumulo.fate.zookeeper.IZooReaderWriter)
Example 29 with IZooReaderWriter
use of org.apache.accumulo.fate.zookeeper.IZooReaderWriter in project accumulo by apache.
the class KerberosAuthenticator method initializeSecurity.
@Override
public void initializeSecurity(TCredentials credentials, String principal, byte[] token) throws AccumuloSecurityException, ThriftSecurityException {
try {
// remove old settings from zookeeper first, if any
IZooReaderWriter zoo = ZooReaderWriter.getInstance();
synchronized (zooCache) {
zooCache.clear();
if (zoo.exists(zkUserPath)) {
zoo.recursiveDelete(zkUserPath, NodeMissingPolicy.SKIP);
log.info("Removed {}/ from zookeeper", zkUserPath);
}
// prep parent node of users with root username
// ACCUMULO-4140 The root user needs to be stored un-base64 encoded in the znode's value
byte[] principalData = principal.getBytes(UTF_8);
zoo.putPersistentData(zkUserPath, principalData, NodeExistsPolicy.FAIL);
// Create the root user in ZK using base64 encoded name (since the name is included in the znode)
createUserNodeInZk(Base64.getEncoder().encodeToString(principalData));
}
} catch (KeeperException | InterruptedException e) {
log.error("Failed to initialize security", e);
throw new RuntimeException(e);
}
}
Also used :
IZooReaderWriter(org.apache.accumulo.fate.zookeeper.IZooReaderWriter)
KeeperException(org.apache.zookeeper.KeeperException)
Example 30 with IZooReaderWriter
use of org.apache.accumulo.fate.zookeeper.IZooReaderWriter in project accumulo by apache.
the class TabletServerLocks method main.
public static void main(String[] args) throws Exception {
Instance instance = HdfsZooInstance.getInstance();
String tserverPath = ZooUtil.getRoot(instance) + Constants.ZTSERVERS;
Opts opts = new Opts();
opts.parseArgs(TabletServerLocks.class.getName(), args);
ZooCache cache = new ZooCache(instance.getZooKeepers(), instance.getZooKeepersSessionTimeOut());
if (opts.list) {
IZooReaderWriter zoo = ZooReaderWriter.getInstance();
List<String> tabletServers = zoo.getChildren(tserverPath);
for (String tabletServer : tabletServers) {
byte[] lockData = ZooLock.getLockData(cache, tserverPath + "/" + tabletServer, null);
String holder = null;
if (lockData != null) {
holder = new String(lockData, UTF_8);
}
System.out.printf("%32s %16s%n", tabletServer, holder);
}
} else if (opts.delete != null) {
ZooLock.deleteLock(tserverPath + "/" + args[1]);
} else {
System.out.println("Usage : " + TabletServerLocks.class.getName() + " -list|-delete <tserver lock>");
}
}
Also used :
Instance(org.apache.accumulo.core.client.Instance)
HdfsZooInstance(org.apache.accumulo.server.client.HdfsZooInstance)
IZooReaderWriter(org.apache.accumulo.fate.zookeeper.IZooReaderWriter)
ZooCache(org.apache.accumulo.fate.zookeeper.ZooCache)
Aggregations
IZooReaderWriter (org.apache.accumulo.fate.zookeeper.IZooReaderWriter)57
KeeperException (org.apache.zookeeper.KeeperException)25
IOException (java.io.IOException)13
AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)11
Instance (org.apache.accumulo.core.client.Instance)11
AcceptableThriftTableOperationException (org.apache.accumulo.core.client.impl.AcceptableThriftTableOperationException)8
Mutator (org.apache.accumulo.fate.zookeeper.IZooReaderWriter.Mutator)6
HdfsZooInstance (org.apache.accumulo.server.client.HdfsZooInstance)6
AccumuloException (org.apache.accumulo.core.client.AccumuloException)5
TException (org.apache.thrift.TException)5
NoNodeException (org.apache.zookeeper.KeeperException.NoNodeException)5
ArrayList (java.util.ArrayList)4
TableNotFoundException (org.apache.accumulo.core.client.TableNotFoundException)4
ZooReaderWriterFactory (org.apache.accumulo.server.zookeeper.ZooReaderWriterFactory)4
File (java.io.File)3
Entry (java.util.Map.Entry)3
Connector (org.apache.accumulo.core.client.Connector)3
Scanner (org.apache.accumulo.core.client.Scanner)3
AccumuloConfiguration (org.apache.accumulo.core.conf.AccumuloConfiguration)3
Key (org.apache.accumulo.core.data.Key)3
