Search in sources :

Example 6 with NonTransientRpcException

use of org.apache.drill.exec.rpc.NonTransientRpcException in project drill by axbaretto.

the class TestUserBitSaslCompatibility method testEnableDrillbitEncryption_DisableClientAuth.

/**
 * Test showing failure in SASL handshake when Drillbit is configured for encryption whereas client doesn't provide any
 * security properties like username/password in this case.
 * @throws Exception
 */
@Test
public void testEnableDrillbitEncryption_DisableClientAuth() throws Exception {
    final DrillConfig newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.USER_AUTHENTICATOR_IMPL, ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)).withValue(ExecConstants.AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("plain"))).withValue(ExecConstants.USER_ENCRYPTION_SASL_ENABLED, ConfigValueFactory.fromAnyRef(true)));
    final Properties connectionProps = new Properties();
    connectionProps.setProperty(DrillProperties.USER, "anonymous");
    connectionProps.setProperty(DrillProperties.PASSWORD, "anything works!");
    try {
        updateTestCluster(1, newConfig, connectionProps);
        fail();
    } catch (Exception ex) {
        assertTrue(ex.getCause() instanceof NonTransientRpcException);
        assertTrue(ex.getCause().getCause() instanceof SaslException);
    }
}
Also used : DrillConfig(org.apache.drill.common.config.DrillConfig) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) Properties(java.util.Properties) DrillProperties(org.apache.drill.common.config.DrillProperties) SaslException(javax.security.sasl.SaslException) SaslException(javax.security.sasl.SaslException) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) Test(org.junit.Test) SecurityTest(org.apache.drill.categories.SecurityTest)

Example 7 with NonTransientRpcException

use of org.apache.drill.exec.rpc.NonTransientRpcException in project drill by apache.

the class TestUserBitKerberosEncryption method encryptionEnabledWithOnlyPlainMech.

@Test
public void encryptionEnabledWithOnlyPlainMech() {
    try {
        final Properties connectionProps = new Properties();
        connectionProps.setProperty(DrillProperties.SERVICE_PRINCIPAL, krbHelper.SERVER_PRINCIPAL);
        connectionProps.setProperty(DrillProperties.USER, krbHelper.CLIENT_PRINCIPAL);
        connectionProps.setProperty(DrillProperties.KEYTAB, krbHelper.clientKeytab.getAbsolutePath());
        newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.USER_AUTHENTICATOR_IMPL, ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)).withValue(ExecConstants.SERVICE_PRINCIPAL, ConfigValueFactory.fromAnyRef(krbHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.SERVICE_KEYTAB_LOCATION, ConfigValueFactory.fromAnyRef(krbHelper.serverKeytab.toString())).withValue(ExecConstants.AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("plain"))).withValue(ExecConstants.USER_ENCRYPTION_SASL_ENABLED, ConfigValueFactory.fromAnyRef(true)));
        updateTestCluster(1, newConfig, connectionProps);
        fail();
    } catch (Exception ex) {
        assert (ex.getCause() instanceof NonTransientRpcException);
        logger.error("Caught exception: ", ex);
    }
}
Also used : DrillConfig(org.apache.drill.common.config.DrillConfig) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) DrillProperties(org.apache.drill.common.config.DrillProperties) Properties(java.util.Properties) RpcException(org.apache.drill.exec.rpc.RpcException) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) SecurityTest(org.apache.drill.categories.SecurityTest) Test(org.junit.Test)

Example 8 with NonTransientRpcException

use of org.apache.drill.exec.rpc.NonTransientRpcException in project drill by apache.

the class TestUserBitSaslCompatibility method testDisableDrillbitEncryption_EnableClientEncryption.

/**
 * Test showing failure before SASL handshake when Drillbit is not configured for encryption whereas client explicitly
 * requested for encrypted connection.
 * @throws Exception
 */
@Test
public void testDisableDrillbitEncryption_EnableClientEncryption() throws Exception {
    final DrillConfig newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.USER_AUTHENTICATOR_IMPL, ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)).withValue(ExecConstants.AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("plain"))).withValue(ExecConstants.USER_ENCRYPTION_SASL_ENABLED, ConfigValueFactory.fromAnyRef(false)));
    final Properties connectionProps = new Properties();
    connectionProps.setProperty(DrillProperties.USER, "anonymous");
    connectionProps.setProperty(DrillProperties.PASSWORD, "anything works!");
    connectionProps.setProperty(DrillProperties.SASL_ENCRYPT, "true");
    try {
        updateTestCluster(1, newConfig, connectionProps);
        fail();
    } catch (Exception ex) {
        assertTrue(ex.getCause() instanceof NonTransientRpcException);
        assertTrue(!(ex.getCause().getCause() instanceof SaslException));
    }
}
Also used : DrillConfig(org.apache.drill.common.config.DrillConfig) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) Properties(java.util.Properties) DrillProperties(org.apache.drill.common.config.DrillProperties) SaslException(javax.security.sasl.SaslException) SaslException(javax.security.sasl.SaslException) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) Test(org.junit.Test) SecurityTest(org.apache.drill.categories.SecurityTest)

Example 9 with NonTransientRpcException

use of org.apache.drill.exec.rpc.NonTransientRpcException in project drill by apache.

the class TestUserBitSaslCompatibility method testDisableDrillbitAuth_EnableClientAuthKerberos.

/**
 * Test showing when Drillbit is not configured for authentication whereas client explicitly requested for Kerberos
 * authentication then connection fails due to new check before SASL Handshake.
 * @throws Exception
 */
@Test
public void testDisableDrillbitAuth_EnableClientAuthKerberos() throws Exception {
    final DrillConfig newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(false)));
    final Properties connectionProps = new Properties();
    connectionProps.setProperty(DrillProperties.AUTH_MECHANISM, "kerberos");
    try {
        updateTestCluster(1, newConfig, connectionProps);
        fail();
    } catch (Exception ex) {
        assertTrue(ex.getCause() instanceof NonTransientRpcException);
        assertTrue(!(ex.getCause().getCause() instanceof SaslException));
    }
}
Also used : DrillConfig(org.apache.drill.common.config.DrillConfig) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) Properties(java.util.Properties) DrillProperties(org.apache.drill.common.config.DrillProperties) SaslException(javax.security.sasl.SaslException) SaslException(javax.security.sasl.SaslException) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) Test(org.junit.Test) SecurityTest(org.apache.drill.categories.SecurityTest)

Example 10 with NonTransientRpcException

use of org.apache.drill.exec.rpc.NonTransientRpcException in project drill by apache.

the class DrillClient method connect.

/**
 * Start's a connection from client to server
 * @param connect - Zookeeper connection string provided at connection URL
 * @param props - not null {@link Properties} filled with connection url parameters
 * @throws RpcException
 */
public synchronized void connect(String connect, Properties props) throws RpcException {
    if (connected) {
        return;
    }
    properties = DrillProperties.createFromProperties(props);
    final List<DrillbitEndpoint> endpoints = new ArrayList<>();
    if (isDirectConnection) {
        // Populate the endpoints list with all the drillbit information provided in the connection string
        endpoints.addAll(parseAndVerifyEndpoints(properties.getProperty(DrillProperties.DRILLBIT_CONNECTION), config.getString(ExecConstants.INITIAL_USER_PORT)));
    } else {
        if (ownsZkConnection) {
            try {
                this.clusterCoordinator = new ZKClusterCoordinator(this.config, connect);
                this.clusterCoordinator.start(10000);
            } catch (Exception e) {
                throw new RpcException("Failure setting up ZK for client.", e);
            }
        }
        // Gets the drillbit endpoints that are ONLINE and excludes the drillbits that are
        // in QUIESCENT state. This avoids the clients connecting to drillbits that are
        // shutting down thereby avoiding reducing the chances of query failures.
        endpoints.addAll(clusterCoordinator.getOnlineEndPoints());
        // Make sure we have at least one endpoint in the list
        checkState(!endpoints.isEmpty(), "No active Drillbit endpoint found from ZooKeeper. Check connection parameters?");
    }
    // shuffle the collection then get the first endpoint
    Collections.shuffle(endpoints);
    eventLoopGroup = createEventLoop(config.getInt(ExecConstants.CLIENT_RPC_THREADS), "Client-");
    executor = new ThreadPoolExecutor(0, Integer.MAX_VALUE, 60L, TimeUnit.SECONDS, new SynchronousQueue<Runnable>(), new NamedThreadFactory("drill-client-executor-")) {

        @Override
        protected void afterExecute(final Runnable r, final Throwable t) {
            if (t != null) {
                logger.error("{}.run() leaked an exception.", r.getClass().getName(), t);
            }
            super.afterExecute(r, t);
        }
    };
    final String connectTriesConf = properties.getProperty(DrillProperties.TRIES, "5");
    int connectTriesVal;
    try {
        connectTriesVal = Math.min(endpoints.size(), Integer.parseInt(connectTriesConf));
    } catch (NumberFormatException e) {
        throw new InvalidConnectionInfoException("Invalid tries value: " + connectTriesConf + " specified in " + "connection string");
    }
    // If the value provided in the connection string is <=0 then override with 1 since we want to try connecting
    // at least once
    connectTriesVal = Math.max(1, connectTriesVal);
    int triedEndpointIndex = 0;
    DrillbitEndpoint endpoint;
    while (triedEndpointIndex < connectTriesVal) {
        endpoint = endpoints.get(triedEndpointIndex);
        // version
        if (!properties.containsKey(DrillProperties.SERVICE_HOST)) {
            properties.setProperty(DrillProperties.SERVICE_HOST, endpoint.getAddress());
            props.setProperty(DrillProperties.SERVICE_HOST, endpoint.getAddress());
        }
        // Note: the properties member is a DrillProperties instance which lower cases names of
        // properties. That does not work too well with properties that are mixed case.
        // For user client severla properties are mixed case so we do not use the properties member
        // but instead pass the props parameter.
        client = new UserClient(clientName, config, props, supportComplexTypes, allocator, eventLoopGroup, executor, endpoint);
        logger.debug("Connecting to server {}:{}", endpoint.getAddress(), endpoint.getUserPort());
        try {
            connect(endpoint);
            connected = true;
            logger.info("Successfully connected to server {}:{}", endpoint.getAddress(), endpoint.getUserPort());
            break;
        } catch (NonTransientRpcException ex) {
            logger.error("Connection to {}:{} failed with error {}. Not retrying anymore", endpoint.getAddress(), endpoint.getUserPort(), ex.getMessage());
            throw ex;
        } catch (RpcException ex) {
            ++triedEndpointIndex;
            logger.error("Attempt {}: Failed to connect to server {}:{}", triedEndpointIndex, endpoint.getAddress(), endpoint.getUserPort());
            // Throw exception when we have exhausted all the tries without having a successful connection
            if (triedEndpointIndex == connectTriesVal) {
                throw ex;
            }
            // Close the connection here to avoid calling close twice in case when all tries are exhausted.
            // Since DrillClient.close is also calling client.close
            client.close();
        }
    }
}
Also used : UserClient(org.apache.drill.exec.rpc.user.UserClient) NamedThreadFactory(org.apache.drill.exec.rpc.NamedThreadFactory) ArrayList(java.util.ArrayList) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) ZKClusterCoordinator(org.apache.drill.exec.coord.zk.ZKClusterCoordinator) UserException(org.apache.drill.common.exceptions.UserException) RpcException(org.apache.drill.exec.rpc.RpcException) ChannelClosedException(org.apache.drill.exec.rpc.ChannelClosedException) DrillRuntimeException(org.apache.drill.common.exceptions.DrillRuntimeException) OutOfMemoryException(org.apache.drill.exec.exception.OutOfMemoryException) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) IOException(java.io.IOException) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) DrillbitEndpoint(org.apache.drill.exec.proto.CoordinationProtos.DrillbitEndpoint) DrillbitEndpoint(org.apache.drill.exec.proto.CoordinationProtos.DrillbitEndpoint) RpcException(org.apache.drill.exec.rpc.RpcException) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) SynchronousQueue(java.util.concurrent.SynchronousQueue) ThreadPoolExecutor(java.util.concurrent.ThreadPoolExecutor)

Aggregations

NonTransientRpcException (org.apache.drill.exec.rpc.NonTransientRpcException)23 Properties (java.util.Properties)20 SecurityTest (org.apache.drill.categories.SecurityTest)20 DrillConfig (org.apache.drill.common.config.DrillConfig)20 DrillProperties (org.apache.drill.common.config.DrillProperties)20 Test (org.junit.Test)20 SaslException (javax.security.sasl.SaslException)13 RpcException (org.apache.drill.exec.rpc.RpcException)10 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)2 IOException (java.io.IOException)2 ArrayList (java.util.ArrayList)2 SynchronousQueue (java.util.concurrent.SynchronousQueue)2 ThreadPoolExecutor (java.util.concurrent.ThreadPoolExecutor)2 UserException (org.apache.drill.common.exceptions.UserException)2 ZKClusterCoordinator (org.apache.drill.exec.coord.zk.ZKClusterCoordinator)2 OutOfMemoryException (org.apache.drill.exec.exception.OutOfMemoryException)2 DrillbitEndpoint (org.apache.drill.exec.proto.CoordinationProtos.DrillbitEndpoint)2 ChannelClosedException (org.apache.drill.exec.rpc.ChannelClosedException)2 NamedThreadFactory (org.apache.drill.exec.rpc.NamedThreadFactory)2 UserClient (org.apache.drill.exec.rpc.user.UserClient)2