
Example 11 with BucketArgs

use of org.apache.hadoop.ozone.client.BucketArgs in project ozone by apache.

the class TestOzoneAtRestEncryption method createVolumeAndBucket.

/**
 * Creates the named volume and, inside it, a bucket whose arguments carry the
 * test encryption key ({@code TEST_KEY}) and the configured bucket layout.
 *
 * @param volumeName name of the volume to create
 * @param bucketName name of the bucket to create in that volume
 * @return the bucket as read back from the volume after creation
 * @throws Exception if any of the object-store calls fails
 */
private OzoneBucket createVolumeAndBucket(String volumeName, String bucketName) throws Exception {
    store.createVolume(volumeName);
    final OzoneVolume createdVolume = store.getVolume(volumeName);

    // Encryption is requested per bucket through the bucket arguments.
    final BucketArgs encryptedBucketArgs = BucketArgs.newBuilder()
        .setBucketEncryptionKey(TEST_KEY)
        .setBucketLayout(bucketLayout)
        .build();

    createdVolume.createBucket(bucketName, encryptedBucketArgs);
    // Read the bucket back rather than building a handle locally.
    return createdVolume.getBucket(bucketName);
}
Also used : OzoneVolume(org.apache.hadoop.ozone.client.OzoneVolume) BucketArgs(org.apache.hadoop.ozone.client.BucketArgs)

Example 12 with BucketArgs

use of org.apache.hadoop.ozone.client.BucketArgs in project ozone by apache.

the class TestOzoneAtRestEncryption method testKeyWithEncryptionAndGdpr.

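/**
 * Tests PutKey and DeleteKey on a bucket that has both encryption and GDPR enabled.
 * <ol>
 *   <li>Create a bucket with an encryption key and the GDPR flag set.</li>
 *   <li>Write a key into that bucket, read it back, and verify content, timestamps,
 *       GDPR metadata and the presence of file encryption info.</li>
 *   <li>Delete the key and confirm that no entry recorded for it in the deleted
 *       table still carries GDPR metadata or file encryption info.</li>
 * </ol>
 *
 * @throws Exception if any client or metadata-manager call fails
 */
@Test
public void testKeyWithEncryptionAndGdpr() throws Exception {
    // Step 1: create a bucket with encryption and GDPR enforced.
    String volumeName = UUID.randomUUID().toString();
    String bucketName = UUID.randomUUID().toString();
    Instant testStartTime = Instant.now();
    String value = "sample value";
    // Encode once so the declared key size, the bytes written and the expected
    // read length all refer to the same byte count.
    byte[] valueBytes = value.getBytes(StandardCharsets.UTF_8);
    store.createVolume(volumeName);
    OzoneVolume volume = store.getVolume(volumeName);
    BucketArgs bucketArgs = BucketArgs.newBuilder()
        .setBucketEncryptionKey(TEST_KEY)
        .addMetadata(OzoneConsts.GDPR_FLAG, "true")
        .setBucketLayout(bucketLayout)
        .build();
    volume.createBucket(bucketName, bucketArgs);
    OzoneBucket bucket = volume.getBucket(bucketName);
    Assert.assertEquals(bucketName, bucket.getName());
    Assert.assertNotNull(bucket.getMetadata());
    Assert.assertEquals("true", bucket.getMetadata().get(OzoneConsts.GDPR_FLAG));

    // Step 2: write a key with the GDPR flag and verify what comes back.
    String keyName = UUID.randomUUID().toString();
    Map<String, String> keyMetadata = new HashMap<>();
    keyMetadata.put(OzoneConsts.GDPR_FLAG, "true");
    try (OzoneOutputStream out = bucket.createKey(keyName, valueBytes.length, ReplicationType.RATIS, ReplicationFactor.ONE, keyMetadata)) {
        out.write(valueBytes);
    }
    OzoneKeyDetails key = bucket.getKey(keyName);
    Assert.assertEquals(keyName, key.getName());
    byte[] fileContent = new byte[valueBytes.length];
    int len;
    try (OzoneInputStream is = bucket.readKey(keyName)) {
        // Single read call; a short read is caught by the length assertion below.
        len = is.read(fileContent);
    }
    // Expected value first, and compared in bytes: the buffer is sized in bytes,
    // so value.length() (chars) is only equal for single-byte content.
    Assert.assertEquals(valueBytes.length, len);
    Assert.assertTrue(verifyRatisReplication(volumeName, bucketName, keyName, ReplicationType.RATIS, ReplicationFactor.ONE));
    Assert.assertEquals(value, new String(fileContent, StandardCharsets.UTF_8));
    Assert.assertFalse(key.getCreationTime().isBefore(testStartTime));
    Assert.assertFalse(key.getModificationTime().isBefore(testStartTime));
    Assert.assertEquals("true", key.getMetadata().get(OzoneConsts.GDPR_FLAG));
    // As TDE is enabled, the TDE encryption details should not be null.
    Assert.assertNotNull(key.getFileEncryptionInfo());

    // Step 3: delete the key and inspect what the deleted table retains.
    bucket.deleteKey(key.getName());
    OMMetadataManager omMetadataManager = ozoneManager.getMetadataManager();
    String objectKey = omMetadataManager.getOzoneKey(volumeName, bucketName, keyName);
    GenericTestUtils.waitFor(() -> {
        try {
            return omMetadataManager.getDeletedTable().isExist(objectKey);
        } catch (IOException e) {
            // Deliberate: a lookup failure counts as "not there yet" and the poll
            // continues until waitFor gives up.
            return false;
        }
    }, 500, 100000);
    RepeatedOmKeyInfo deletedKeys = omMetadataManager.getDeletedTable().get(objectKey);
    Assert.assertNotNull(deletedKeys);
    // Without this the loop below would pass vacuously on an empty list.
    Assert.assertFalse(deletedKeys.getOmKeyInfoList().isEmpty());
    // Check every retained entry, not just the first: the test's claim is that no
    // key material stays attached to the deleted key's metadata.
    for (int i = 0; i < deletedKeys.getOmKeyInfoList().size(); i++) {
        Map<String, String> deletedKeyMetadata = deletedKeys.getOmKeyInfoList().get(i).getMetadata();
        Assert.assertFalse(deletedKeyMetadata.containsKey(OzoneConsts.GDPR_FLAG));
        Assert.assertFalse(deletedKeyMetadata.containsKey(OzoneConsts.GDPR_SECRET));
        Assert.assertFalse(deletedKeyMetadata.containsKey(OzoneConsts.GDPR_ALGORITHM));
        Assert.assertNull(deletedKeys.getOmKeyInfoList().get(i).getFileEncryptionInfo());
    }
}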
Also used : OzoneInputStream(org.apache.hadoop.ozone.client.io.OzoneInputStream) HashMap(java.util.HashMap) Instant(java.time.Instant) BucketArgs(org.apache.hadoop.ozone.client.BucketArgs) OzoneOutputStream(org.apache.hadoop.ozone.client.io.OzoneOutputStream) IOException(java.io.IOException) RepeatedOmKeyInfo(org.apache.hadoop.ozone.om.helpers.RepeatedOmKeyInfo) OzoneVolume(org.apache.hadoop.ozone.client.OzoneVolume) OzoneBucket(org.apache.hadoop.ozone.client.OzoneBucket) OzoneKeyDetails(org.apache.hadoop.ozone.client.OzoneKeyDetails) OMMetadataManager(org.apache.hadoop.ozone.om.OMMetadataManager) Test(org.junit.Test)

Aggregations

BucketArgs (org.apache.hadoop.ozone.client.BucketArgs)12 OzoneVolume (org.apache.hadoop.ozone.client.OzoneVolume)12 OzoneBucket (org.apache.hadoop.ozone.client.OzoneBucket)7 Test (org.junit.Test)7 HashMap (java.util.HashMap)3 OzoneKeyDetails (org.apache.hadoop.ozone.client.OzoneKeyDetails)3 OzoneInputStream (org.apache.hadoop.ozone.client.io.OzoneInputStream)3 OzoneOutputStream (org.apache.hadoop.ozone.client.io.OzoneOutputStream)3 OMMetadataManager (org.apache.hadoop.ozone.om.OMMetadataManager)3 RepeatedOmKeyInfo (org.apache.hadoop.ozone.om.helpers.RepeatedOmKeyInfo)3 LinkedHashMap (java.util.LinkedHashMap)2 ObjectStore (org.apache.hadoop.ozone.client.ObjectStore)2 OzoneClient (org.apache.hadoop.ozone.client.OzoneClient)2 IOException (java.io.IOException)1 Instant (java.time.Instant)1 ArrayList (java.util.ArrayList)1 OzoneConfiguration (org.apache.hadoop.hdds.conf.OzoneConfiguration)1 OzoneAcl (org.apache.hadoop.ozone.OzoneAcl)1 VolumeArgs (org.apache.hadoop.ozone.client.VolumeArgs)1 OMException (org.apache.hadoop.ozone.om.exceptions.OMException)1