Examples with ZKPermHandler - org.apache.accumulo.server.security.handler.ZKPermHandler

Example 1 with ZKPermHandler

use of org.apache.accumulo.server.security.handler.ZKPermHandler in project accumulo by apache.

the class Master method upgradeZookeeper.

private void upgradeZookeeper() {
    // 1.5.1 and 1.6.0 both do some state checking after obtaining the zoolock for the
    // monitor and before starting up. It's not tied to the data version at all (and would
    // introduce unnecessary complexity to try to make the master do it), but be aware
    // that the master is not the only thing that may alter zookeeper before starting.
    final int accumuloPersistentVersion = Accumulo.getAccumuloPersistentVersion(fs);
    if (Accumulo.persistentVersionNeedsUpgrade(accumuloPersistentVersion)) {
        // Change to Guava's Verify once we use Guava 17.
        if (null != fate) {
            throw new IllegalStateException("Access to Fate should not have been initialized prior to the Master transitioning to active. Please save all logs and file a bug.");
        }
        Accumulo.abortIfFateTransactions();
        try {
            log.info("Upgrading zookeeper");
            IZooReaderWriter zoo = ZooReaderWriter.getInstance();
            final String zooRoot = ZooUtil.getRoot(getInstance());
            log.debug("Handling updates for version {}", accumuloPersistentVersion);
            log.debug("Cleaning out remnants of logger role.");
            zoo.recursiveDelete(zooRoot + "/loggers", NodeMissingPolicy.SKIP);
            zoo.recursiveDelete(zooRoot + "/dead/loggers", NodeMissingPolicy.SKIP);
            final byte[] zero = new byte[] { '0' };
            log.debug("Initializing recovery area.");
            zoo.putPersistentData(zooRoot + Constants.ZRECOVERY, zero, NodeExistsPolicy.SKIP);
            for (String id : zoo.getChildren(zooRoot + Constants.ZTABLES)) {
                log.debug("Prepping table {} for compaction cancellations.", id);
                zoo.putPersistentData(zooRoot + Constants.ZTABLES + "/" + id + Constants.ZTABLE_COMPACT_CANCEL_ID, zero, NodeExistsPolicy.SKIP);
            }
            @SuppressWarnings("deprecation") String zpath = zooRoot + Constants.ZCONFIG + "/" + Property.TSERV_WAL_SYNC_METHOD.getKey();
            // is the entire instance set to use flushing vs sync?
            boolean flushDefault = false;
            try {
                byte[] data = zoo.getData(zpath, null);
                if (new String(data, UTF_8).endsWith("flush")) {
                    flushDefault = true;
                }
            } catch (KeeperException.NoNodeException ex) {
            // skip
            }
            for (String id : zoo.getChildren(zooRoot + Constants.ZTABLES)) {
                log.debug("Converting table {} WALog setting to Durability", id);
                try {
                    @SuppressWarnings("deprecation") String path = zooRoot + Constants.ZTABLES + "/" + id + Constants.ZTABLE_CONF + "/" + Property.TABLE_WALOG_ENABLED.getKey();
                    byte[] data = zoo.getData(path, null);
                    boolean useWAL = Boolean.parseBoolean(new String(data, UTF_8));
                    zoo.recursiveDelete(path, NodeMissingPolicy.FAIL);
                    path = zooRoot + Constants.ZTABLES + "/" + id + Constants.ZTABLE_CONF + "/" + Property.TABLE_DURABILITY.getKey();
                    if (useWAL) {
                        if (flushDefault) {
                            zoo.putPersistentData(path, "flush".getBytes(), NodeExistsPolicy.SKIP);
                        } else {
                            zoo.putPersistentData(path, "sync".getBytes(), NodeExistsPolicy.SKIP);
                        }
                    } else {
                        zoo.putPersistentData(path, "none".getBytes(), NodeExistsPolicy.SKIP);
                    }
                } catch (KeeperException.NoNodeException ex) {
                // skip it
                }
            }
            // create initial namespaces
            String namespaces = ZooUtil.getRoot(getInstance()) + Constants.ZNAMESPACES;
            zoo.putPersistentData(namespaces, new byte[0], NodeExistsPolicy.SKIP);
            for (Pair<String, Namespace.ID> namespace : Iterables.concat(Collections.singleton(new Pair<>(Namespace.ACCUMULO, Namespace.ID.ACCUMULO)), Collections.singleton(new Pair<>(Namespace.DEFAULT, Namespace.ID.DEFAULT)))) {
                String ns = namespace.getFirst();
                Namespace.ID id = namespace.getSecond();
                log.debug("Upgrade creating namespace \"{}\" (ID: {})", ns, id);
                if (!Namespaces.exists(getInstance(), id))
                    TableManager.prepareNewNamespaceState(getInstance().getInstanceID(), id, ns, NodeExistsPolicy.SKIP);
            }
            // create replication table in zk
            log.debug("Upgrade creating table {} (ID: {})", ReplicationTable.NAME, ReplicationTable.ID);
            TableManager.prepareNewTableState(getInstance().getInstanceID(), ReplicationTable.ID, Namespace.ID.ACCUMULO, ReplicationTable.NAME, TableState.OFFLINE, NodeExistsPolicy.SKIP);
            // create root table
            log.debug("Upgrade creating table {} (ID: {})", RootTable.NAME, RootTable.ID);
            TableManager.prepareNewTableState(getInstance().getInstanceID(), RootTable.ID, Namespace.ID.ACCUMULO, RootTable.NAME, TableState.ONLINE, NodeExistsPolicy.SKIP);
            Initialize.initSystemTablesConfig();
            // ensure root user can flush root table
            security.grantTablePermission(rpcCreds(), security.getRootUsername(), RootTable.ID, TablePermission.ALTER_TABLE, Namespace.ID.ACCUMULO);
            // put existing tables in the correct namespaces
            String tables = ZooUtil.getRoot(getInstance()) + Constants.ZTABLES;
            for (String tableId : zoo.getChildren(tables)) {
                Namespace.ID targetNamespace = (MetadataTable.ID.canonicalID().equals(tableId) || RootTable.ID.canonicalID().equals(tableId)) ? Namespace.ID.ACCUMULO : Namespace.ID.DEFAULT;
                log.debug("Upgrade moving table {} (ID: {}) into namespace with ID {}", new String(zoo.getData(tables + "/" + tableId + Constants.ZTABLE_NAME, null), UTF_8), tableId, targetNamespace);
                zoo.putPersistentData(tables + "/" + tableId + Constants.ZTABLE_NAMESPACE, targetNamespace.getUtf8(), NodeExistsPolicy.SKIP);
            }
            // rename metadata table
            log.debug("Upgrade renaming table {} (ID: {}) to {}", MetadataTable.OLD_NAME, MetadataTable.ID, MetadataTable.NAME);
            zoo.putPersistentData(tables + "/" + MetadataTable.ID + Constants.ZTABLE_NAME, Tables.qualify(MetadataTable.NAME).getSecond().getBytes(UTF_8), NodeExistsPolicy.OVERWRITE);
            moveRootTabletToRootTable(zoo);
            // add system namespace permissions to existing users
            ZKPermHandler perm = new ZKPermHandler();
            perm.initialize(getInstance().getInstanceID(), true);
            String users = ZooUtil.getRoot(getInstance()) + "/users";
            for (String user : zoo.getChildren(users)) {
                zoo.putPersistentData(users + "/" + user + "/Namespaces", new byte[0], NodeExistsPolicy.SKIP);
                perm.grantNamespacePermission(user, Namespace.ID.ACCUMULO, NamespacePermission.READ);
            }
            perm.grantNamespacePermission("root", Namespace.ID.ACCUMULO, NamespacePermission.ALTER_TABLE);
            // add the currlog location for root tablet current logs
            zoo.putPersistentData(ZooUtil.getRoot(getInstance()) + RootTable.ZROOT_TABLET_CURRENT_LOGS, new byte[0], NodeExistsPolicy.SKIP);
            // create tablet server wal logs node in ZK
            zoo.putPersistentData(ZooUtil.getRoot(getInstance()) + WalStateManager.ZWALS, new byte[0], NodeExistsPolicy.SKIP);
            haveUpgradedZooKeeper = true;
        } catch (Exception ex) {
            // ACCUMULO-3651 Changed level to error and added FATAL to message for slf4j compatibility
            log.error("FATAL: Error performing upgrade", ex);
            System.exit(1);
        }
    }
}

Also used : ZKPermHandler(org.apache.accumulo.server.security.handler.ZKPermHandler) Namespace(org.apache.accumulo.core.client.impl.Namespace) TableNotFoundException(org.apache.accumulo.core.client.TableNotFoundException) NoAuthException(org.apache.zookeeper.KeeperException.NoAuthException) WalMarkerException(org.apache.accumulo.server.log.WalStateManager.WalMarkerException) TException(org.apache.thrift.TException) IOException(java.io.IOException) ThriftTableOperationException(org.apache.accumulo.core.client.impl.thrift.ThriftTableOperationException) TTransportException(org.apache.thrift.transport.TTransportException) AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) KeeperException(org.apache.zookeeper.KeeperException) AccumuloException(org.apache.accumulo.core.client.AccumuloException) IZooReaderWriter(org.apache.accumulo.fate.zookeeper.IZooReaderWriter) KeeperException(org.apache.zookeeper.KeeperException) Pair(org.apache.accumulo.core.util.Pair)

Aggregations

IOException (java.io.IOException)1 AccumuloException (org.apache.accumulo.core.client.AccumuloException)1 AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)1 TableNotFoundException (org.apache.accumulo.core.client.TableNotFoundException)1 Namespace (org.apache.accumulo.core.client.impl.Namespace)1 ThriftTableOperationException (org.apache.accumulo.core.client.impl.thrift.ThriftTableOperationException)1 Pair (org.apache.accumulo.core.util.Pair)1 IZooReaderWriter (org.apache.accumulo.fate.zookeeper.IZooReaderWriter)1 WalMarkerException (org.apache.accumulo.server.log.WalStateManager.WalMarkerException)1 ZKPermHandler (org.apache.accumulo.server.security.handler.ZKPermHandler)1 TException (org.apache.thrift.TException)1 TTransportException (org.apache.thrift.transport.TTransportException)1 KeeperException (org.apache.zookeeper.KeeperException)1 NoAuthException (org.apache.zookeeper.KeeperException.NoAuthException)1