Search in sources :

Example 6 with TServlet

use of org.apache.thrift.server.TServlet in project hive by apache.

the class ThriftHttpCLIService method initServer.

/**
 * Configure Jetty to serve http requests. Example of a client connection URL:
 * http://localhost:10000/servlets/thrifths2/ A gateway may cause actual target
 * URL to differ, e.g. http://gateway:port/hive2/servlets/thrifths2/
 */
@Override
protected void initServer() {
    try {
        // Server thread pool
        // Start with minWorkerThreads, expand till maxWorkerThreads and reject
        // subsequent requests
        String threadPoolName = "HiveServer2-HttpHandler-Pool";
        ThreadPoolExecutor executorService = new ThreadPoolExecutor(minWorkerThreads, maxWorkerThreads, workerKeepAliveTime, TimeUnit.SECONDS, new SynchronousQueue<Runnable>(), new ThreadFactoryWithGarbageCleanup(threadPoolName));
        ExecutorThreadPool threadPool = new ExecutorThreadPool(executorService);
        // HTTP Server
        server = new Server(threadPool);
        ServerConnector connector;
        final HttpConfiguration conf = new HttpConfiguration();
        // Configure header size
        int requestHeaderSize = hiveConf.getIntVar(ConfVars.HIVE_SERVER2_THRIFT_HTTP_REQUEST_HEADER_SIZE);
        int responseHeaderSize = hiveConf.getIntVar(ConfVars.HIVE_SERVER2_THRIFT_HTTP_RESPONSE_HEADER_SIZE);
        conf.setRequestHeaderSize(requestHeaderSize);
        conf.setResponseHeaderSize(responseHeaderSize);
        final HttpConnectionFactory http = new HttpConnectionFactory(conf) {

            public Connection newConnection(Connector connector, EndPoint endPoint) {
                Connection connection = super.newConnection(connector, endPoint);
                connection.addListener(new Connection.Listener() {

                    public void onOpened(Connection connection) {
                        openConnection();
                    }

                    public void onClosed(Connection connection) {
                        closeConnection();
                    }
                });
                return connection;
            }
        };
        boolean useSsl = hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_USE_SSL);
        String schemeName = useSsl ? "https" : "http";
        // Change connector if SSL is used
        if (useSsl) {
            String keyStorePath = hiveConf.getVar(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_PATH).trim();
            String keyStorePassword = ShimLoader.getHadoopShims().getPassword(hiveConf, HiveConf.ConfVars.HIVE_SERVER2_SSL_KEYSTORE_PASSWORD.varname);
            if (keyStorePath.isEmpty()) {
                throw new IllegalArgumentException(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_PATH.varname + " Not configured for SSL connection");
            }
            String keyStoreType = hiveConf.getVar(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_TYPE).trim();
            if (keyStoreType.isEmpty()) {
                keyStoreType = KeyStore.getDefaultType();
            }
            String keyStoreAlgorithm = hiveConf.getVar(ConfVars.HIVE_SERVER2_SSL_KEYMANAGERFACTORY_ALGORITHM).trim();
            if (keyStoreAlgorithm.isEmpty()) {
                keyStoreAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
            }
            SslContextFactory sslContextFactory = new SslContextFactory();
            String[] excludedProtocols = hiveConf.getVar(ConfVars.HIVE_SSL_PROTOCOL_BLACKLIST).split(",");
            LOG.info("HTTP Server SSL: adding excluded protocols: " + Arrays.toString(excludedProtocols));
            sslContextFactory.addExcludeProtocols(excludedProtocols);
            LOG.info("HTTP Server SSL: SslContextFactory.getExcludeProtocols = " + Arrays.toString(sslContextFactory.getExcludeProtocols()));
            sslContextFactory.setKeyStorePath(keyStorePath);
            sslContextFactory.setKeyStorePassword(keyStorePassword);
            sslContextFactory.setKeyStoreType(keyStoreType);
            sslContextFactory.setKeyManagerFactoryAlgorithm(keyStoreAlgorithm);
            String excludeCiphersuites = hiveConf.getVar(ConfVars.HIVE_SERVER2_SSL_HTTP_EXCLUDE_CIPHERSUITES).trim();
            if (!excludeCiphersuites.trim().isEmpty()) {
                Set<String> excludeCS = Sets.newHashSet(Splitter.on(",").trimResults().omitEmptyStrings().split(excludeCiphersuites.trim()));
                int eSize = excludeCS.size();
                if (eSize > 0) {
                    sslContextFactory.setExcludeCipherSuites(excludeCS.toArray(new String[eSize]));
                }
            }
            connector = new ServerConnector(server, sslContextFactory, http);
        } else {
            connector = new ServerConnector(server, http);
        }
        connector.setPort(portNum);
        // Linux:yes, Windows:no
        connector.setReuseAddress(true);
        int maxIdleTime = (int) hiveConf.getTimeVar(ConfVars.HIVE_SERVER2_THRIFT_HTTP_MAX_IDLE_TIME, TimeUnit.MILLISECONDS);
        connector.setIdleTimeout(maxIdleTime);
        connector.setAcceptQueueSize(maxWorkerThreads);
        server.addConnector(connector);
        // Thrift configs
        hiveAuthFactory = new HiveAuthFactory(hiveConf);
        TProcessor processor = new TCLIService.Processor<Iface>(this);
        TProtocolFactory protocolFactory = new TBinaryProtocol.Factory();
        // Set during the init phase of HiveServer2 if auth mode is kerberos
        // UGI for the hive/_HOST (kerberos) principal
        UserGroupInformation serviceUGI = cliService.getServiceUGI();
        // UGI for the http/_HOST (SPNego) principal
        UserGroupInformation httpUGI = cliService.getHttpUGI();
        String authType = hiveConf.getVar(ConfVars.HIVE_SERVER2_AUTHENTICATION);
        TServlet thriftHttpServlet = new ThriftHttpServlet(processor, protocolFactory, authType, serviceUGI, httpUGI, hiveAuthFactory, hiveConf);
        // Context handler
        final ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
        context.setContextPath("/");
        if (hiveConf.getBoolean(ConfVars.HIVE_SERVER2_XSRF_FILTER_ENABLED.varname, false)) {
            // context.addFilter(Utils.getXSRFFilterHolder(null, null), "/" ,
            // FilterMapping.REQUEST);
            // Filtering does not work here currently, doing filter in ThriftHttpServlet
            LOG.debug("XSRF filter enabled");
        } else {
            LOG.warn("XSRF filter disabled");
        }
        final String httpPath = getHttpPath(hiveConf.getVar(HiveConf.ConfVars.HIVE_SERVER2_THRIFT_HTTP_PATH));
        if (HiveConf.getBoolVar(hiveConf, ConfVars.HIVE_SERVER2_THRIFT_HTTP_COMPRESSION_ENABLED)) {
            final GzipHandler gzipHandler = new GzipHandler();
            gzipHandler.setHandler(context);
            gzipHandler.addIncludedMethods(HttpMethod.POST);
            gzipHandler.addIncludedMimeTypes(APPLICATION_THRIFT);
            server.setHandler(gzipHandler);
        } else {
            server.setHandler(context);
        }
        context.addServlet(new ServletHolder(thriftHttpServlet), httpPath);
        if (HiveSamlUtils.isSamlAuthMode(authType)) {
            String ssoPath = HiveSamlUtils.getCallBackPath(hiveConf);
            context.addServlet(new ServletHolder(new HiveSamlHttpServlet(hiveConf)), ssoPath);
        }
        constrainHttpMethods(context, false);
        // TODO: check defaults: maxTimeout, keepalive, maxBodySize,
        // bodyRecieveDuration, etc.
        // Finally, start the server
        server.start();
        String msg = "Started " + ThriftHttpCLIService.class.getSimpleName() + " in " + schemeName + " mode on port " + portNum + " path=" + httpPath + " with " + minWorkerThreads + "..." + maxWorkerThreads + " worker threads";
        LOG.info(msg);
    } catch (Exception e) {
        throw new RuntimeException("Failed to init HttpServer", e);
    }
}
Also used : ServerConnector(org.eclipse.jetty.server.ServerConnector) Connector(org.eclipse.jetty.server.Connector) TProtocolFactory(org.apache.thrift.protocol.TProtocolFactory) ThreadFactoryWithGarbageCleanup(org.apache.hive.service.server.ThreadFactoryWithGarbageCleanup) TProcessor(org.apache.thrift.TProcessor) Server(org.eclipse.jetty.server.Server) ServletHolder(org.eclipse.jetty.servlet.ServletHolder) HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) HiveAuthFactory(org.apache.hive.service.auth.HiveAuthFactory) TProtocolFactory(org.apache.thrift.protocol.TProtocolFactory) MetricsFactory(org.apache.hadoop.hive.common.metrics.common.MetricsFactory) HttpConfiguration(org.eclipse.jetty.server.HttpConfiguration) EndPoint(org.eclipse.jetty.io.EndPoint) TServlet(org.apache.thrift.server.TServlet) ServerConnector(org.eclipse.jetty.server.ServerConnector) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) TProcessor(org.apache.thrift.TProcessor) HiveSamlHttpServlet(org.apache.hive.service.auth.saml.HiveSamlHttpServlet) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation) HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory) Connection(org.eclipse.jetty.io.Connection) EndPoint(org.eclipse.jetty.io.EndPoint) Constraint(org.eclipse.jetty.util.security.Constraint) GzipHandler(org.eclipse.jetty.server.handler.gzip.GzipHandler) ExecutorThreadPool(org.eclipse.jetty.util.thread.ExecutorThreadPool) HiveAuthFactory(org.apache.hive.service.auth.HiveAuthFactory) ThreadPoolExecutor(java.util.concurrent.ThreadPoolExecutor) ServletContextHandler(org.eclipse.jetty.servlet.ServletContextHandler)

Aggregations

TServlet (org.apache.thrift.server.TServlet)6 ServletContextHandler (org.eclipse.jetty.servlet.ServletContextHandler)5 ServletHolder (org.eclipse.jetty.servlet.ServletHolder)5 TProcessor (org.apache.thrift.TProcessor)4 TProtocolFactory (org.apache.thrift.protocol.TProtocolFactory)4 Server (org.eclipse.jetty.server.Server)4 SaslServer (javax.security.sasl.SaslServer)2 HttpServlet (javax.servlet.http.HttpServlet)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2 UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)2 HiveAuthFactory (org.apache.hive.service.auth.HiveAuthFactory)2 ThreadFactoryWithGarbageCleanup (org.apache.hive.service.server.ThreadFactoryWithGarbageCleanup)2 TBinaryProtocol (org.apache.thrift.protocol.TBinaryProtocol)2 THsHaServer (org.apache.thrift.server.THsHaServer)2 TNonblockingServer (org.apache.thrift.server.TNonblockingServer)2 TServer (org.apache.thrift.server.TServer)2 TThreadedSelectorServer (org.apache.thrift.server.TThreadedSelectorServer)2 TTransportFactory (org.apache.thrift.transport.TTransportFactory)2 HttpConfiguration (org.eclipse.jetty.server.HttpConfiguration)2