use of org.apache.drill.exec.rpc.NonTransientRpcException in project drill by axbaretto.
the class TestUserBitSaslCompatibility method testEnableDrillbitEncryption_DisableClientAuth.
/**
* Test showing failure in SASL handshake when Drillbit is configured for encryption whereas client doesn't provide any
* security properties like username/password in this case.
* @throws Exception
*/
@Test
public void testEnableDrillbitEncryption_DisableClientAuth() throws Exception {
final DrillConfig newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.USER_AUTHENTICATOR_IMPL, ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)).withValue(ExecConstants.AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("plain"))).withValue(ExecConstants.USER_ENCRYPTION_SASL_ENABLED, ConfigValueFactory.fromAnyRef(true)));
final Properties connectionProps = new Properties();
connectionProps.setProperty(DrillProperties.USER, "anonymous");
connectionProps.setProperty(DrillProperties.PASSWORD, "anything works!");
try {
updateTestCluster(1, newConfig, connectionProps);
fail();
} catch (Exception ex) {
assertTrue(ex.getCause() instanceof NonTransientRpcException);
assertTrue(ex.getCause().getCause() instanceof SaslException);
}
}
use of org.apache.drill.exec.rpc.NonTransientRpcException in project drill by apache.
the class TestUserBitKerberosEncryption method encryptionEnabledWithOnlyPlainMech.
@Test
public void encryptionEnabledWithOnlyPlainMech() {
try {
final Properties connectionProps = new Properties();
connectionProps.setProperty(DrillProperties.SERVICE_PRINCIPAL, krbHelper.SERVER_PRINCIPAL);
connectionProps.setProperty(DrillProperties.USER, krbHelper.CLIENT_PRINCIPAL);
connectionProps.setProperty(DrillProperties.KEYTAB, krbHelper.clientKeytab.getAbsolutePath());
newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.USER_AUTHENTICATOR_IMPL, ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)).withValue(ExecConstants.SERVICE_PRINCIPAL, ConfigValueFactory.fromAnyRef(krbHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.SERVICE_KEYTAB_LOCATION, ConfigValueFactory.fromAnyRef(krbHelper.serverKeytab.toString())).withValue(ExecConstants.AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("plain"))).withValue(ExecConstants.USER_ENCRYPTION_SASL_ENABLED, ConfigValueFactory.fromAnyRef(true)));
updateTestCluster(1, newConfig, connectionProps);
fail();
} catch (Exception ex) {
assert (ex.getCause() instanceof NonTransientRpcException);
logger.error("Caught exception: ", ex);
}
}
use of org.apache.drill.exec.rpc.NonTransientRpcException in project drill by apache.
the class TestUserBitSaslCompatibility method testDisableDrillbitEncryption_EnableClientEncryption.
/**
* Test showing failure before SASL handshake when Drillbit is not configured for encryption whereas client explicitly
* requested for encrypted connection.
* @throws Exception
*/
@Test
public void testDisableDrillbitEncryption_EnableClientEncryption() throws Exception {
final DrillConfig newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.USER_AUTHENTICATOR_IMPL, ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)).withValue(ExecConstants.AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("plain"))).withValue(ExecConstants.USER_ENCRYPTION_SASL_ENABLED, ConfigValueFactory.fromAnyRef(false)));
final Properties connectionProps = new Properties();
connectionProps.setProperty(DrillProperties.USER, "anonymous");
connectionProps.setProperty(DrillProperties.PASSWORD, "anything works!");
connectionProps.setProperty(DrillProperties.SASL_ENCRYPT, "true");
try {
updateTestCluster(1, newConfig, connectionProps);
fail();
} catch (Exception ex) {
assertTrue(ex.getCause() instanceof NonTransientRpcException);
assertTrue(!(ex.getCause().getCause() instanceof SaslException));
}
}
use of org.apache.drill.exec.rpc.NonTransientRpcException in project drill by apache.
the class TestUserBitSaslCompatibility method testDisableDrillbitAuth_EnableClientAuthKerberos.
/**
* Test showing when Drillbit is not configured for authentication whereas client explicitly requested for Kerberos
* authentication then connection fails due to new check before SASL Handshake.
* @throws Exception
*/
@Test
public void testDisableDrillbitAuth_EnableClientAuthKerberos() throws Exception {
final DrillConfig newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(false)));
final Properties connectionProps = new Properties();
connectionProps.setProperty(DrillProperties.AUTH_MECHANISM, "kerberos");
try {
updateTestCluster(1, newConfig, connectionProps);
fail();
} catch (Exception ex) {
assertTrue(ex.getCause() instanceof NonTransientRpcException);
assertTrue(!(ex.getCause().getCause() instanceof SaslException));
}
}
use of org.apache.drill.exec.rpc.NonTransientRpcException in project drill by apache.
the class DrillClient method connect.
/**
* Start's a connection from client to server
* @param connect - Zookeeper connection string provided at connection URL
* @param props - not null {@link Properties} filled with connection url parameters
* @throws RpcException
*/
public synchronized void connect(String connect, Properties props) throws RpcException {
if (connected) {
return;
}
properties = DrillProperties.createFromProperties(props);
final List<DrillbitEndpoint> endpoints = new ArrayList<>();
if (isDirectConnection) {
// Populate the endpoints list with all the drillbit information provided in the connection string
endpoints.addAll(parseAndVerifyEndpoints(properties.getProperty(DrillProperties.DRILLBIT_CONNECTION), config.getString(ExecConstants.INITIAL_USER_PORT)));
} else {
if (ownsZkConnection) {
try {
this.clusterCoordinator = new ZKClusterCoordinator(this.config, connect);
this.clusterCoordinator.start(10000);
} catch (Exception e) {
throw new RpcException("Failure setting up ZK for client.", e);
}
}
// Gets the drillbit endpoints that are ONLINE and excludes the drillbits that are
// in QUIESCENT state. This avoids the clients connecting to drillbits that are
// shutting down thereby avoiding reducing the chances of query failures.
endpoints.addAll(clusterCoordinator.getOnlineEndPoints());
// Make sure we have at least one endpoint in the list
checkState(!endpoints.isEmpty(), "No active Drillbit endpoint found from ZooKeeper. Check connection parameters?");
}
// shuffle the collection then get the first endpoint
Collections.shuffle(endpoints);
eventLoopGroup = createEventLoop(config.getInt(ExecConstants.CLIENT_RPC_THREADS), "Client-");
executor = new ThreadPoolExecutor(0, Integer.MAX_VALUE, 60L, TimeUnit.SECONDS, new SynchronousQueue<Runnable>(), new NamedThreadFactory("drill-client-executor-")) {
@Override
protected void afterExecute(final Runnable r, final Throwable t) {
if (t != null) {
logger.error("{}.run() leaked an exception.", r.getClass().getName(), t);
}
super.afterExecute(r, t);
}
};
final String connectTriesConf = properties.getProperty(DrillProperties.TRIES, "5");
int connectTriesVal;
try {
connectTriesVal = Math.min(endpoints.size(), Integer.parseInt(connectTriesConf));
} catch (NumberFormatException e) {
throw new InvalidConnectionInfoException("Invalid tries value: " + connectTriesConf + " specified in " + "connection string");
}
// If the value provided in the connection string is <=0 then override with 1 since we want to try connecting
// at least once
connectTriesVal = Math.max(1, connectTriesVal);
int triedEndpointIndex = 0;
DrillbitEndpoint endpoint;
while (triedEndpointIndex < connectTriesVal) {
endpoint = endpoints.get(triedEndpointIndex);
// version
if (!properties.containsKey(DrillProperties.SERVICE_HOST)) {
properties.setProperty(DrillProperties.SERVICE_HOST, endpoint.getAddress());
props.setProperty(DrillProperties.SERVICE_HOST, endpoint.getAddress());
}
// Note: the properties member is a DrillProperties instance which lower cases names of
// properties. That does not work too well with properties that are mixed case.
// For user client severla properties are mixed case so we do not use the properties member
// but instead pass the props parameter.
client = new UserClient(clientName, config, props, supportComplexTypes, allocator, eventLoopGroup, executor, endpoint);
logger.debug("Connecting to server {}:{}", endpoint.getAddress(), endpoint.getUserPort());
try {
connect(endpoint);
connected = true;
logger.info("Successfully connected to server {}:{}", endpoint.getAddress(), endpoint.getUserPort());
break;
} catch (NonTransientRpcException ex) {
logger.error("Connection to {}:{} failed with error {}. Not retrying anymore", endpoint.getAddress(), endpoint.getUserPort(), ex.getMessage());
throw ex;
} catch (RpcException ex) {
++triedEndpointIndex;
logger.error("Attempt {}: Failed to connect to server {}:{}", triedEndpointIndex, endpoint.getAddress(), endpoint.getUserPort());
// Throw exception when we have exhausted all the tries without having a successful connection
if (triedEndpointIndex == connectTriesVal) {
throw ex;
}
// Close the connection here to avoid calling close twice in case when all tries are exhausted.
// Since DrillClient.close is also calling client.close
client.close();
}
}
}
Aggregations