Example 91 with TestingServer
use of org.apache.curator.test.TestingServer in project hadoop by apache.
the class TestZKDelegationTokenSecretManager method setup.
@Before
public void setup() throws Exception {
zkServer = new TestingServer();
zkServer.start();
}
Also used :
TestingServer(org.apache.curator.test.TestingServer)
Before(org.junit.Before)
Example 92 with TestingServer
use of org.apache.curator.test.TestingServer in project hadoop by apache.
the class TestKMS method doKMSWithZK.
public void doKMSWithZK(boolean zkDTSM, boolean zkSigner) throws Exception {
TestingServer zkServer = null;
try {
zkServer = new TestingServer();
zkServer.start();
Configuration conf = new Configuration();
conf.set("hadoop.security.authentication", "kerberos");
final File testDir = getTestDir();
conf = createBaseKMSConf(testDir, conf);
conf.set("hadoop.kms.authentication.type", "kerberos");
conf.set("hadoop.kms.authentication.kerberos.keytab", keytab.getAbsolutePath());
conf.set("hadoop.kms.authentication.kerberos.principal", "HTTP/localhost");
conf.set("hadoop.kms.authentication.kerberos.name.rules", "DEFAULT");
if (zkSigner) {
conf.set("hadoop.kms.authentication.signer.secret.provider", "zookeeper");
conf.set("hadoop.kms.authentication.signer.secret.provider.zookeeper.path", "/testKMSWithZKDTSM");
conf.set("hadoop.kms.authentication.signer.secret.provider.zookeeper.connection.string", zkServer.getConnectString());
}
if (zkDTSM) {
conf.set("hadoop.kms.authentication.zk-dt-secret-manager.enable", "true");
}
if (zkDTSM && !zkSigner) {
conf.set("hadoop.kms.authentication.zk-dt-secret-manager.zkConnectionString", zkServer.getConnectString());
conf.set("hadoop.kms.authentication.zk-dt-secret-manager.znodeWorkingPath", "testZKPath");
conf.set("hadoop.kms.authentication.zk-dt-secret-manager.zkAuthType", "none");
}
for (KMSACLs.Type type : KMSACLs.Type.values()) {
conf.set(type.getAclConfigKey(), type.toString());
}
conf.set(KMSACLs.Type.CREATE.getAclConfigKey(), KMSACLs.Type.CREATE.toString() + ",SET_KEY_MATERIAL");
conf.set(KMSACLs.Type.ROLLOVER.getAclConfigKey(), KMSACLs.Type.ROLLOVER.toString() + ",SET_KEY_MATERIAL");
conf.set(KeyAuthorizationKeyProvider.KEY_ACL + "k0.ALL", "*");
conf.set(KeyAuthorizationKeyProvider.KEY_ACL + "k1.ALL", "*");
conf.set(KeyAuthorizationKeyProvider.KEY_ACL + "k2.ALL", "*");
conf.set(KeyAuthorizationKeyProvider.KEY_ACL + "k3.ALL", "*");
writeConf(testDir, conf);
KMSCallable<KeyProvider> c = new KMSCallable<KeyProvider>() {
@Override
public KeyProvider call() throws Exception {
final Configuration conf = new Configuration();
conf.setInt(KeyProvider.DEFAULT_BITLENGTH_NAME, 128);
final URI uri = createKMSUri(getKMSUrl());
final KeyProvider kp = doAs("SET_KEY_MATERIAL", new PrivilegedExceptionAction<KeyProvider>() {
@Override
public KeyProvider run() throws Exception {
KeyProvider kp = createProvider(uri, conf);
kp.createKey("k1", new byte[16], new KeyProvider.Options(conf));
kp.createKey("k2", new byte[16], new KeyProvider.Options(conf));
kp.createKey("k3", new byte[16], new KeyProvider.Options(conf));
return kp;
}
});
return kp;
}
};
runServer(null, null, testDir, c);
} finally {
if (zkServer != null) {
zkServer.stop();
zkServer.close();
}
}
}
Also used :
TestingServer(org.apache.curator.test.TestingServer)
KeyProvider(org.apache.hadoop.crypto.key.KeyProvider)
Options(org.apache.hadoop.crypto.key.KeyProvider.Options)
Configuration(org.apache.hadoop.conf.Configuration)
URI(java.net.URI)
AuthorizationException(org.apache.hadoop.security.authorize.AuthorizationException)
SocketTimeoutException(java.net.SocketTimeoutException)
IOException(java.io.IOException)
File(java.io.File)
Example 93 with TestingServer
use of org.apache.curator.test.TestingServer in project hadoop by apache.
the class TestKMSWithZK method testMultipleKMSInstancesWithZKSigner.
@Test
public void testMultipleKMSInstancesWithZKSigner() throws Exception {
final File testDir = TestKMS.getTestDir();
Configuration conf = createBaseKMSConf(testDir);
TestingServer zkServer = new TestingServer();
zkServer.start();
MiniKMS kms1 = null;
MiniKMS kms2 = null;
conf.set(KMSAuthenticationFilter.CONFIG_PREFIX + AuthenticationFilter.SIGNER_SECRET_PROVIDER, "zookeeper");
conf.set(KMSAuthenticationFilter.CONFIG_PREFIX + ZKSignerSecretProvider.ZOOKEEPER_CONNECTION_STRING, zkServer.getConnectString());
conf.set(KMSAuthenticationFilter.CONFIG_PREFIX + ZKSignerSecretProvider.ZOOKEEPER_PATH, "/secret");
TestKMS.writeConf(testDir, conf);
try {
kms1 = new MiniKMS.Builder().setKmsConfDir(testDir).setLog4jConfFile("log4j.properties").build();
kms1.start();
kms2 = new MiniKMS.Builder().setKmsConfDir(testDir).setLog4jConfFile("log4j.properties").build();
kms2.start();
final URL url1 = new URL(kms1.getKMSUrl().toExternalForm() + KMSRESTConstants.SERVICE_VERSION + "/" + KMSRESTConstants.KEYS_NAMES_RESOURCE);
final URL url2 = new URL(kms2.getKMSUrl().toExternalForm() + KMSRESTConstants.SERVICE_VERSION + "/" + KMSRESTConstants.KEYS_NAMES_RESOURCE);
final DelegationTokenAuthenticatedURL.Token token = new DelegationTokenAuthenticatedURL.Token();
final DelegationTokenAuthenticatedURL aUrl = new DelegationTokenAuthenticatedURL();
UserGroupInformation ugiFoo = UserGroupInformation.createUserForTesting("foo", new String[] { "gfoo" });
UserGroupInformation ugiBar = UserGroupInformation.createUserForTesting("bar", new String[] { "gBar" });
ugiFoo.doAs(new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws Exception {
HttpURLConnection conn = aUrl.openConnection(url1, token);
Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
return null;
}
});
ugiBar.doAs(new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws Exception {
HttpURLConnection conn = aUrl.openConnection(url2, token);
Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
return null;
}
});
ugiBar.doAs(new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws Exception {
final DelegationTokenAuthenticatedURL.Token emptyToken = new DelegationTokenAuthenticatedURL.Token();
HttpURLConnection conn = aUrl.openConnection(url2, emptyToken);
Assert.assertEquals(HttpURLConnection.HTTP_FORBIDDEN, conn.getResponseCode());
return null;
}
});
} finally {
if (kms2 != null) {
kms2.stop();
}
if (kms1 != null) {
kms1.stop();
}
zkServer.stop();
}
}
Also used :
TestingServer(org.apache.curator.test.TestingServer)
Configuration(org.apache.hadoop.conf.Configuration)
DelegationTokenAuthenticatedURL(org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL)
URL(java.net.URL)
DelegationTokenAuthenticatedURL(org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL)
AuthorizationException(org.apache.hadoop.security.authorize.AuthorizationException)
SocketTimeoutException(java.net.SocketTimeoutException)
IOException(java.io.IOException)
HttpURLConnection(java.net.HttpURLConnection)
File(java.io.File)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Test(org.junit.Test)
Example 94 with TestingServer
use of org.apache.curator.test.TestingServer in project chassis by Kixeye.
the class ConfigurationBuilderTest method initializeZookeeper.
private static void initializeZookeeper() throws Exception {
zookeeperServer = new TestingServer();
curatorFramework = CuratorFrameworkFactory.newClient(zookeeperServer.getConnectString(), new RetryOneTime(1000));
curatorFramework.start();
}
Also used :
TestingServer(org.apache.curator.test.TestingServer)
RetryOneTime(org.apache.curator.retry.RetryOneTime)
Example 95 with TestingServer
use of org.apache.curator.test.TestingServer in project chassis by Kixeye.
the class CuratorFrameworkBuilderTest method zookeeperStarted.
@Test
public void zookeeperStarted() throws Exception {
testingServer = new TestingServer(SocketUtils.findAvailableTcpPort());
try (CuratorFramework curatorFramework = new CuratorFrameworkBuilder(true).withZookeeper(testingServer.getConnectString()).build()) {
Assert.assertEquals(CuratorFrameworkState.STARTED, curatorFramework.getState());
Assert.assertNull(curatorFramework.checkExists().forPath("/test"));
curatorFramework.create().forPath("/test");
Assert.assertNotNull(curatorFramework.checkExists().forPath("/test"));
}
}
Also used :
TestingServer(org.apache.curator.test.TestingServer)
CuratorFramework(org.apache.curator.framework.CuratorFramework)
CuratorFrameworkBuilder(com.kixeye.chassis.bootstrap.configuration.zookeeper.CuratorFrameworkBuilder)
Test(org.junit.Test)
Aggregations
TestingServer (org.apache.curator.test.TestingServer)150
Before (org.junit.Before)38
Test (org.junit.Test)30
CuratorFramework (org.apache.curator.framework.CuratorFramework)28
File (java.io.File)27
Properties (java.util.Properties)18
KafkaConfig (kafka.server.KafkaConfig)15
RetryOneTime (org.apache.curator.retry.RetryOneTime)15
Test (org.testng.annotations.Test)15
ExponentialBackoffRetry (org.apache.curator.retry.ExponentialBackoffRetry)14
IOException (java.io.IOException)13
Timing (org.apache.curator.test.Timing)13
HashMap (java.util.HashMap)12
ZkClient (org.I0Itec.zkclient.ZkClient)12
ServerSocket (java.net.ServerSocket)11
KafkaServerStartable (kafka.server.KafkaServerStartable)11
ZkUtils (kafka.utils.ZkUtils)11
ZkConnection (org.I0Itec.zkclient.ZkConnection)11
BeforeClass (org.junit.BeforeClass)11
TestingServerStarter (io.pravega.test.common.TestingServerStarter)9
