use of org.apache.hadoop.hdds.security.token.ContainerTokenSecretManager in project ozone by apache.
the class TestSecureOzoneContainer method setup.
/**
 * Builds the per-test fixture: a fresh configuration, a test certificate client and a
 * {@link ContainerTokenSecretManager} whose tokens live for one day.
 *
 * <p>The secret manager is only constructed here; this method does not call
 * {@code start(...)} on it and does not set any security-enabled flag on {@code conf}.
 *
 * @throws Exception if any fixture object cannot be created
 */
@Before
public void setup() throws Exception {
  // Harness switches (metrics mini-cluster mode, system exit disabled) go first,
  // before any other object is built.
  DefaultMetricsSystem.setMiniClusterMode(true);
  ExitUtils.disableSystemExit();

  conf = new OzoneConfiguration();
  conf.set(OZONE_METADATA_DIRS, GenericTestUtils.getTempPath("ozoneMeta"));
  secConfig = new SecurityConfig(conf);
  caClient = new CertificateClientTestImpl(conf);

  // The manager gets its own SecurityConfig instance built from the same conf,
  // not the secConfig field assigned above.
  final SecurityConfig managerSecConfig = new SecurityConfig(conf);
  final long oneDayMs = TimeUnit.DAYS.toMillis(1);
  // Tokens are tied to the test CA client's certificate through its serial number.
  final String signerSerial = caClient.getCertificate().getSerialNumber().toString();
  secretManager = new ContainerTokenSecretManager(managerSecConfig, oneDayMs, signerSerial);
}
use of org.apache.hadoop.hdds.security.token.ContainerTokenSecretManager in project ozone by apache.
the class StorageContainerManager method createContainerTokenSecretManager.
/**
 * Creates the {@link ContainerTokenSecretManager} used by this SCM.
 *
 * <p>The token lifetime comes from {@code HDDS_BLOCK_TOKEN_EXPIRY_TIME} (falling back to its
 * default), so the block-token expiry setting is what bounds container tokens here. The
 * certificate id handed to the manager is the serial number of the certificate held by
 * {@code scmCertificateClient}.
 *
 * <p>When {@code scmCertificateClient} is still {@code null} it is created as a side effect,
 * using the serial number of the CA certificate returned by the SCM certificate server.
 *
 * @param conf configuration the token expiry is read from
 * @return a new, not yet started, container token secret manager
 * @throws IOException if the CA certificate cannot be obtained; a
 *     {@code CertificateException} is wrapped in an {@code IOException}
 */
private ContainerTokenSecretManager createContainerTokenSecretManager(OzoneConfiguration conf) throws IOException {
  final long tokenLifetimeMs = conf.getTimeDuration(
      HddsConfigKeys.HDDS_BLOCK_TOKEN_EXPIRY_TIME,
      HddsConfigKeys.HDDS_BLOCK_TOKEN_EXPIRY_TIME_DEFAULT,
      TimeUnit.MILLISECONDS);

  // No certificate client yet: fall back to the root CA certificate.
  if (scmCertificateClient == null) {
    // This path is only allowed while checkPrimarySCMIdInitialized() is false.
    // NOTE(review): presumably this limits the fallback to an SCM that has not yet been
    // initialized with a primary SCM id - confirm against SCMStorageConfig.
    Preconditions.checkState(!scmStorageConfig.checkPrimarySCMIdInitialized());

    final String rootCaSerial;
    try {
      rootCaSerial = getScmCertificateServer().getCACertificate().getSerialNumber().toString();
    } catch (CertificateException ex) {
      // Log, then surface the failure as an IOException with the cause preserved.
      LOG.error("Get CA Certificate failed", ex);
      throw new IOException(ex);
    } catch (IOException ex) {
      LOG.error("Get CA Certificate failed", ex);
      throw ex;
    }
    scmCertificateClient = new SCMCertificateClient(securityConfig, rootCaSerial, SCM_ROOT_CA_COMPONENT_NAME);
  }

  // NOTE(review): getCertificate() is dereferenced without a null check - confirm it cannot
  // return null at this point.
  final String signerCertId = scmCertificateClient.getCertificate().getSerialNumber().toString();
  return new ContainerTokenSecretManager(securityConfig, tokenLifetimeMs, signerCertId);
}
use of org.apache.hadoop.hdds.security.token.ContainerTokenSecretManager in project ozone by apache.
the class TestSecureContainerServer method setup.
/**
 * One-time class fixture: enables security and block tokens in {@code CONF}, then creates and
 * starts a block token secret manager and a container token secret manager.
 *
 * <p>Both managers share the same {@link SecurityConfig}, the same one-hour token lifetime and
 * the same certificate serial number taken from the test CA client.
 *
 * @throws Exception if any fixture object cannot be created or started
 */
@BeforeClass
public static void setup() throws Exception {
  DefaultMetricsSystem.setMiniClusterMode(true);
  ExitUtils.disableSystemExit();

  // Metadata dir and both security flags are set on CONF before any object below reads it.
  CONF.set(HddsConfigKeys.HDDS_METADATA_DIR_NAME, TEST_DIR);
  CONF.setBoolean(OZONE_SECURITY_ENABLED_KEY, true);
  CONF.setBoolean(HDDS_BLOCK_TOKEN_ENABLED, true);

  caClient = new CertificateClientTestImpl(CONF);
  final String signerSerial = caClient.getCertificate().getSerialNumber().toString();
  final SecurityConfig securityConf = new SecurityConfig(CONF);
  final long oneHourMs = TimeUnit.HOURS.toMillis(1);

  // Each manager is started with the test CA client right after it is constructed.
  blockTokenSecretManager = new OzoneBlockTokenSecretManager(securityConf, oneHourMs, signerSerial);
  blockTokenSecretManager.start(caClient);

  containerTokenSecretManager = new ContainerTokenSecretManager(securityConf, oneHourMs, signerSerial);
  containerTokenSecretManager.start(caClient);
}