Examples with DefaultACLProvider org.apache.flink.shaded.curator5.org.apache.curator.framework.imps.DefaultACLProvider used on opensource projects

Search in sources :

Example 6 with DefaultACLProvider

use of org.apache.flink.shaded.curator5.org.apache.curator.framework.imps.DefaultACLProvider in project flink by apache.

the class ZooKeeperUtils method startCuratorFramework.

/**
	 * Starts a {@link CuratorFramework} instance and connects it to the given ZooKeeper
	 * quorum.
	 *
	 * @param configuration {@link Configuration} object containing the configuration values
	 * @return {@link CuratorFramework} instance
	 */
public static CuratorFramework startCuratorFramework(Configuration configuration) {
    Preconditions.checkNotNull(configuration, "configuration");
    String zkQuorum = configuration.getValue(HighAvailabilityOptions.HA_ZOOKEEPER_QUORUM);
    if (zkQuorum == null || StringUtils.isBlank(zkQuorum)) {
        throw new RuntimeException("No valid ZooKeeper quorum has been specified. " + "You can specify the quorum via the configuration key '" + HighAvailabilityOptions.HA_ZOOKEEPER_QUORUM.key() + "'.");
    }
    int sessionTimeout = configuration.getInteger(HighAvailabilityOptions.ZOOKEEPER_SESSION_TIMEOUT);
    int connectionTimeout = configuration.getInteger(HighAvailabilityOptions.ZOOKEEPER_CONNECTION_TIMEOUT);
    int retryWait = configuration.getInteger(HighAvailabilityOptions.ZOOKEEPER_RETRY_WAIT);
    int maxRetryAttempts = configuration.getInteger(HighAvailabilityOptions.ZOOKEEPER_MAX_RETRY_ATTEMPTS);
    String root = configuration.getValue(HighAvailabilityOptions.HA_ZOOKEEPER_ROOT);
    String namespace = configuration.getValue(HighAvailabilityOptions.HA_CLUSTER_ID);
    boolean disableSaslClient = configuration.getBoolean(ConfigConstants.ZOOKEEPER_SASL_DISABLE, ConfigConstants.DEFAULT_ZOOKEEPER_SASL_DISABLE);
    ACLProvider aclProvider;
    ZkClientACLMode aclMode = ZkClientACLMode.fromConfig(configuration);
    if (disableSaslClient && aclMode == ZkClientACLMode.CREATOR) {
        String errorMessage = "Cannot set ACL role to " + aclMode + "  since SASL authentication is " + "disabled through the " + ConfigConstants.ZOOKEEPER_SASL_DISABLE + " property";
        LOG.warn(errorMessage);
        throw new IllegalConfigurationException(errorMessage);
    }
    if (aclMode == ZkClientACLMode.CREATOR) {
        LOG.info("Enforcing creator for ZK connections");
        aclProvider = new SecureAclProvider();
    } else {
        LOG.info("Enforcing default ACL for ZK connections");
        aclProvider = new DefaultACLProvider();
    }
    String rootWithNamespace = generateZookeeperPath(root, namespace);
    LOG.info("Using '{}' as Zookeeper namespace.", rootWithNamespace);
    CuratorFramework cf = CuratorFrameworkFactory.builder().connectString(zkQuorum).sessionTimeoutMs(sessionTimeout).connectionTimeoutMs(connectionTimeout).retryPolicy(new ExponentialBackoffRetry(retryWait, maxRetryAttempts)).namespace(rootWithNamespace.startsWith("/") ? rootWithNamespace.substring(1) : rootWithNamespace).aclProvider(aclProvider).build();
    cf.start();
    return cf;
}
Also used : ACLProvider(org.apache.curator.framework.api.ACLProvider) DefaultACLProvider(org.apache.curator.framework.imps.DefaultACLProvider) CuratorFramework(org.apache.curator.framework.CuratorFramework) ExponentialBackoffRetry(org.apache.curator.retry.ExponentialBackoffRetry) IllegalConfigurationException(org.apache.flink.configuration.IllegalConfigurationException) DefaultACLProvider(org.apache.curator.framework.imps.DefaultACLProvider) CompletedCheckpoint(org.apache.flink.runtime.checkpoint.CompletedCheckpoint)

Example 7 with DefaultACLProvider

use of org.apache.flink.shaded.curator5.org.apache.curator.framework.imps.DefaultACLProvider in project nifi by apache.

the class TestCuratorACLProviderFactory method testSaslAuthSchemeNoHostNoRealm.

@Test
public void testSaslAuthSchemeNoHostNoRealm() {
    final NiFiProperties nifiProperties;
    final CuratorACLProviderFactory factory;
    otherProps.put("nifi.zookeeper.kerberos.removeHostFromPrincipal", "true");
    otherProps.put("nifi.zookeeper.kerberos.removeRealmFromPrincipal", "true");
    nifiProperties = NiFiProperties.createBasicNiFiProperties(propsFile, otherProps);
    factory = new CuratorACLProviderFactory();
    ZooKeeperClientConfig config = ZooKeeperClientConfig.createConfig(nifiProperties);
    ACLProvider provider = factory.create(config);
    assertFalse(provider instanceof DefaultACLProvider);
    List<ACL> acls = provider.getDefaultAcl();
    assertNotNull(acls);
    assertEquals(acls.get(0).getId().toString().trim(), "'sasl,'nifi");
}
Also used : NiFiProperties(org.apache.nifi.util.NiFiProperties) ACLProvider(org.apache.curator.framework.api.ACLProvider) DefaultACLProvider(org.apache.curator.framework.imps.DefaultACLProvider) ZooKeeperClientConfig(org.apache.nifi.controller.cluster.ZooKeeperClientConfig) DefaultACLProvider(org.apache.curator.framework.imps.DefaultACLProvider) ACL(org.apache.zookeeper.data.ACL) Test(org.junit.Test)

Example 8 with DefaultACLProvider

use of org.apache.flink.shaded.curator5.org.apache.curator.framework.imps.DefaultACLProvider in project nifi by apache.

the class TestCuratorACLProviderFactory method testSaslAuthSchemeHeadless.

@Test
public void testSaslAuthSchemeHeadless() {
    final NiFiProperties nifiProperties;
    final CuratorACLProviderFactory factory;
    otherProps.put("nifi.zookeeper.kerberos.removeHostFromPrincipal", "true");
    otherProps.put("nifi.zookeeper.kerberos.removeRealmFromPrincipal", "true");
    otherProps.put("nifi.kerberos.service.principal", "nifi@REALM.COM");
    nifiProperties = NiFiProperties.createBasicNiFiProperties(propsFile, otherProps);
    factory = new CuratorACLProviderFactory();
    ZooKeeperClientConfig config = ZooKeeperClientConfig.createConfig(nifiProperties);
    ACLProvider provider = factory.create(config);
    assertFalse(provider instanceof DefaultACLProvider);
    List<ACL> acls = provider.getDefaultAcl();
    assertNotNull(acls);
    assertEquals(acls.get(0).getId().toString().trim(), "'sasl,'nifi");
}
Also used : NiFiProperties(org.apache.nifi.util.NiFiProperties) ACLProvider(org.apache.curator.framework.api.ACLProvider) DefaultACLProvider(org.apache.curator.framework.imps.DefaultACLProvider) ZooKeeperClientConfig(org.apache.nifi.controller.cluster.ZooKeeperClientConfig) DefaultACLProvider(org.apache.curator.framework.imps.DefaultACLProvider) ACL(org.apache.zookeeper.data.ACL) Test(org.junit.Test)

Example 9 with DefaultACLProvider

use of org.apache.flink.shaded.curator5.org.apache.curator.framework.imps.DefaultACLProvider in project nifi by apache.

the class TestCuratorACLProviderFactory method testSaslAuthSchemeNoHostWithRealm.

@Test
public void testSaslAuthSchemeNoHostWithRealm() {
    final NiFiProperties nifiProperties;
    final CuratorACLProviderFactory factory;
    otherProps.put("nifi.zookeeper.kerberos.removeHostFromPrincipal", "true");
    otherProps.put("nifi.zookeeper.kerberos.removeRealmFromPrincipal", "false");
    nifiProperties = NiFiProperties.createBasicNiFiProperties(propsFile, otherProps);
    factory = new CuratorACLProviderFactory();
    ZooKeeperClientConfig config = ZooKeeperClientConfig.createConfig(nifiProperties);
    ACLProvider provider = factory.create(config);
    assertFalse(provider instanceof DefaultACLProvider);
    List<ACL> acls = provider.getDefaultAcl();
    assertNotNull(acls);
    assertEquals(acls.get(0).getId().toString().trim(), "'sasl,'nifi@REALM.COM");
}
Also used : NiFiProperties(org.apache.nifi.util.NiFiProperties) ACLProvider(org.apache.curator.framework.api.ACLProvider) DefaultACLProvider(org.apache.curator.framework.imps.DefaultACLProvider) ZooKeeperClientConfig(org.apache.nifi.controller.cluster.ZooKeeperClientConfig) DefaultACLProvider(org.apache.curator.framework.imps.DefaultACLProvider) ACL(org.apache.zookeeper.data.ACL) Test(org.junit.Test)

Example 10 with DefaultACLProvider

use of org.apache.flink.shaded.curator5.org.apache.curator.framework.imps.DefaultACLProvider in project oozie by apache.

the class ZKUtils method createClient.

private void createClient() throws Exception {
    // Connect to the ZooKeeper server
    RetryPolicy retryPolicy = ZKUtils.getRetryPolicy();
    String zkConnectionString = ConfigurationService.get(ZK_CONNECTION_STRING);
    String zkNamespace = getZKNameSpace();
    int zkConnectionTimeout = ConfigurationService.getInt(ZK_CONNECTION_TIMEOUT);
    int zkSessionTimeout = ConfigurationService.getInt(ZK_SESSION_TIMEOUT, 300);
    ACLProvider aclProvider;
    if (Services.get().getConf().getBoolean(ZK_SECURE, false)) {
        log.info("Connecting to ZooKeeper with SASL/Kerberos and using 'sasl' ACLs");
        setJaasConfiguration();
        System.setProperty(ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY, "Client");
        System.setProperty("zookeeper.authProvider.1", "org.apache.zookeeper.server.auth.SASLAuthenticationProvider");
        saslACL = Collections.singletonList(new ACL(Perms.ALL, new Id("sasl", getServicePrincipal())));
        aclProvider = new SASLOwnerACLProvider();
    } else {
        log.info("Connecting to ZooKeeper without authentication");
        // open to everyone
        aclProvider = new DefaultACLProvider();
    }
    client = CuratorFrameworkFactory.builder().namespace(zkNamespace).connectString(zkConnectionString).retryPolicy(retryPolicy).aclProvider(aclProvider).connectionTimeoutMs(// in ms
    zkConnectionTimeout * 1000).sessionTimeoutMs(// in ms
    zkSessionTimeout * 1000).build();
    client.start();
    client.getConnectionStateListenable().addListener(new ZKConnectionListener());
}
Also used : ACLProvider(org.apache.curator.framework.api.ACLProvider) DefaultACLProvider(org.apache.curator.framework.imps.DefaultACLProvider) DefaultACLProvider(org.apache.curator.framework.imps.DefaultACLProvider) ACL(org.apache.zookeeper.data.ACL) ZKConnectionListener(org.apache.oozie.event.listener.ZKConnectionListener) Id(org.apache.zookeeper.data.Id) RetryPolicy(org.apache.curator.RetryPolicy)

Aggregations

DefaultACLProvider (org.apache.curator.framework.imps.DefaultACLProvider)10 ACLProvider (org.apache.curator.framework.api.ACLProvider)8 CuratorFramework (org.apache.curator.framework.CuratorFramework)5 ACL (org.apache.zookeeper.data.ACL)5 ZooKeeperClientConfig (org.apache.nifi.controller.cluster.ZooKeeperClientConfig)4 NiFiProperties (org.apache.nifi.util.NiFiProperties)4 Test (org.junit.Test)4 RetryPolicy (org.apache.curator.RetryPolicy)3 ExponentialBackoffRetry (org.apache.curator.retry.ExponentialBackoffRetry)3 Provides (com.google.inject.Provides)2 BoundedExponentialBackoffRetry (org.apache.curator.retry.BoundedExponentialBackoffRetry)2 IllegalConfigurationException (org.apache.flink.configuration.IllegalConfigurationException)2 CompletedCheckpoint (org.apache.flink.runtime.checkpoint.CompletedCheckpoint)2 LazySingleton (io.druid.guice.LazySingleton)1 Lifecycle (io.druid.java.util.common.lifecycle.Lifecycle)1 SuppressForbidden (io.netty.util.SuppressForbidden)1 IOException (java.io.IOException)1 CuratorFrameworkFactory (org.apache.curator.framework.CuratorFrameworkFactory)1 LazySingleton (org.apache.druid.guice.LazySingleton)1 Lifecycle (org.apache.druid.java.util.common.lifecycle.Lifecycle)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial