Examples with TFramedTransport - org.apache.thrift.transport.layered.TFramedTransport

Example 6 with TFramedTransport

use of org.apache.thrift.transport.layered.TFramedTransport in project hive by apache.

the class HMSClient method open.

private TTransport open(Configuration conf, @NotNull URI uri) throws TException, IOException, LoginException {
    boolean useSSL = MetastoreConf.getBoolVar(conf, MetastoreConf.ConfVars.USE_SSL);
    boolean useSasl = MetastoreConf.getBoolVar(conf, MetastoreConf.ConfVars.USE_THRIFT_SASL);
    boolean useFramedTransport = MetastoreConf.getBoolVar(conf, MetastoreConf.ConfVars.USE_THRIFT_FRAMED_TRANSPORT);
    boolean useCompactProtocol = MetastoreConf.getBoolVar(conf, MetastoreConf.ConfVars.USE_THRIFT_COMPACT_PROTOCOL);
    int clientSocketTimeout = (int) MetastoreConf.getTimeVar(conf, MetastoreConf.ConfVars.CLIENT_SOCKET_TIMEOUT, TimeUnit.MILLISECONDS);
    LOG.debug("Connecting to {}, framedTransport = {}", uri, useFramedTransport);
    String host = uri.getHost();
    int port = uri.getPort();
    // Sasl/SSL code is copied from HiveMetastoreCLient
    if (!useSSL) {
        transport = new TSocket(new TConfiguration(), host, port, clientSocketTimeout);
    } else {
        String trustStorePath = MetastoreConf.getVar(conf, MetastoreConf.ConfVars.SSL_TRUSTSTORE_PATH).trim();
        if (trustStorePath.isEmpty()) {
            throw new IllegalArgumentException(MetastoreConf.ConfVars.SSL_TRUSTSTORE_PATH.toString() + " Not configured for SSL connection");
        }
        String trustStorePassword = MetastoreConf.getPassword(conf, MetastoreConf.ConfVars.SSL_TRUSTSTORE_PASSWORD);
        String trustStoreType = MetastoreConf.getVar(conf, MetastoreConf.ConfVars.SSL_TRUSTSTORE_TYPE).trim();
        String trustStoreAlgorithm = MetastoreConf.getVar(conf, MetastoreConf.ConfVars.SSL_TRUSTMANAGERFACTORY_ALGORITHM).trim();
        // Create an SSL socket and connect
        transport = SecurityUtils.getSSLSocket(host, port, clientSocketTimeout, trustStorePath, trustStorePassword, trustStoreType, trustStoreAlgorithm);
        LOG.info("Opened an SSL connection to metastore, current connections");
    }
    if (useSasl) {
        // Wrap thrift connection with SASL for secure connection.
        HadoopThriftAuthBridge.Client authBridge = HadoopThriftAuthBridge.getBridge().createClient();
        // check if we should use delegation tokens to authenticate
        // the call below gets hold of the tokens if they are set up by hadoop
        // this should happen on the map/reduce tasks if the client added the
        // tokens into hadoop's credential store in the front end during job
        // submission.
        String tokenSig = MetastoreConf.getVar(conf, MetastoreConf.ConfVars.TOKEN_SIGNATURE);
        // tokenSig could be null
        String tokenStrForm = SecurityUtils.getTokenStrForm(tokenSig);
        if (tokenStrForm != null) {
            LOG.info("HMSC::open(): Found delegation token. Creating DIGEST-based thrift connection.");
            // authenticate using delegation tokens via the "DIGEST" mechanism
            transport = authBridge.createClientTransport(null, host, "DIGEST", tokenStrForm, transport, MetaStoreUtils.getMetaStoreSaslProperties(conf, useSSL));
        } else {
            LOG.info("HMSC::open(): Could not find delegation token. Creating KERBEROS-based thrift connection.");
            String principalConfig = MetastoreConf.getVar(conf, MetastoreConf.ConfVars.KERBEROS_PRINCIPAL);
            transport = authBridge.createClientTransport(principalConfig, host, "KERBEROS", null, transport, MetaStoreUtils.getMetaStoreSaslProperties(conf, useSSL));
        }
    } else {
        if (useFramedTransport) {
            transport = new TFramedTransport(transport);
        }
    }
    final TProtocol protocol;
    if (useCompactProtocol) {
        protocol = new TCompactProtocol(transport);
    } else {
        protocol = new TBinaryProtocol(transport);
    }
    client = new ThriftHiveMetastore.Client(protocol);
    if (!transport.isOpen()) {
        transport.open();
        LOG.info("Opened a connection to metastore, current connections");
        if (!useSasl && MetastoreConf.getBoolVar(conf, MetastoreConf.ConfVars.EXECUTE_SET_UGI)) {
            // Call set_ugi, only in unsecure mode.
            try {
                UserGroupInformation ugi = SecurityUtils.getUGI();
                client.set_ugi(ugi.getUserName(), Arrays.asList(ugi.getGroupNames()));
            } catch (LoginException e) {
                LOG.warn("Failed to do login. set_ugi() is not successful, " + "Continuing without it.", e);
            } catch (IOException e) {
                LOG.warn("Failed to find ugi of client set_ugi() is not successful, " + "Continuing without it.", e);
            } catch (TException e) {
                LOG.warn("set_ugi() not successful, Likely cause: new client talking to old server. " + "Continuing without it.", e);
            }
        }
    }
    LOG.debug("Connected to metastore, using compact protocol = {}", useCompactProtocol);
    return transport;
}

Also used : TException(org.apache.thrift.TException) ThriftHiveMetastore(org.apache.hadoop.hive.metastore.api.ThriftHiveMetastore) IOException(java.io.IOException) TCompactProtocol(org.apache.thrift.protocol.TCompactProtocol) TBinaryProtocol(org.apache.thrift.protocol.TBinaryProtocol) HadoopThriftAuthBridge(org.apache.hadoop.hive.metastore.security.HadoopThriftAuthBridge) TProtocol(org.apache.thrift.protocol.TProtocol) TFramedTransport(org.apache.thrift.transport.layered.TFramedTransport) LoginException(javax.security.auth.login.LoginException) TConfiguration(org.apache.thrift.TConfiguration) TSocket(org.apache.thrift.transport.TSocket) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)

Example 7 with TFramedTransport

use of org.apache.thrift.transport.layered.TFramedTransport in project hbase by apache.

the class DemoClient method run.

public void run() throws Exception {
    int timeout = 10000;
    boolean framed = false;
    TTransport transport = new TSocket(new TConfiguration(), host, port, timeout);
    if (framed) {
        transport = new TFramedTransport(transport);
    } else if (secure) {
        /*
       * The Thrift server the DemoClient is trying to connect to
       * must have a matching principal, and support authentication.
       *
       * The HBase cluster must be secure, allow proxy user.
       */
        Map<String, String> saslProperties = new HashMap<>();
        saslProperties.put(Sasl.QOP, "auth-conf,auth-int,auth");
        transport = new TSaslClientTransport("GSSAPI", null, // Thrift server user name, should be an authorized proxy user
        user != null ? user : "hbase", // Thrift server domain
        host, saslProperties, null, transport);
    }
    TProtocol protocol = new TBinaryProtocol(transport);
    // This is our thrift client.
    THBaseService.Iface client = new THBaseService.Client(protocol);
    // open the transport
    transport.open();
    ByteBuffer table = ByteBuffer.wrap(Bytes.toBytes("example"));
    TPut put = new TPut();
    put.setRow(Bytes.toBytes("row1"));
    TColumnValue columnValue = new TColumnValue();
    columnValue.setFamily(Bytes.toBytes("family1"));
    columnValue.setQualifier(Bytes.toBytes("qualifier1"));
    columnValue.setValue(Bytes.toBytes("value1"));
    List<TColumnValue> columnValues = new ArrayList<>(1);
    columnValues.add(columnValue);
    put.setColumnValues(columnValues);
    client.put(table, put);
    TGet get = new TGet();
    get.setRow(Bytes.toBytes("row1"));
    TResult result = client.get(table, get);
    System.out.print("row = " + new String(result.getRow()));
    for (TColumnValue resultColumnValue : result.getColumnValues()) {
        System.out.print("family = " + new String(resultColumnValue.getFamily()));
        System.out.print("qualifier = " + new String(resultColumnValue.getFamily()));
        System.out.print("value = " + new String(resultColumnValue.getValue()));
        System.out.print("timestamp = " + resultColumnValue.getTimestamp());
    }
    transport.close();
}

Also used : TGet(org.apache.hadoop.hbase.thrift2.generated.TGet) ArrayList(java.util.ArrayList) TSaslClientTransport(org.apache.thrift.transport.TSaslClientTransport) TColumnValue(org.apache.hadoop.hbase.thrift2.generated.TColumnValue) ByteBuffer(java.nio.ByteBuffer) TResult(org.apache.hadoop.hbase.thrift2.generated.TResult) TBinaryProtocol(org.apache.thrift.protocol.TBinaryProtocol) TProtocol(org.apache.thrift.protocol.TProtocol) TFramedTransport(org.apache.thrift.transport.layered.TFramedTransport) TConfiguration(org.apache.thrift.TConfiguration) TTransport(org.apache.thrift.transport.TTransport) TPut(org.apache.hadoop.hbase.thrift2.generated.TPut) HashMap(java.util.HashMap) Map(java.util.Map) TSocket(org.apache.thrift.transport.TSocket) THBaseService(org.apache.hadoop.hbase.thrift2.generated.THBaseService)

Aggregations

TBinaryProtocol (org.apache.thrift.protocol.TBinaryProtocol)7 TProtocol (org.apache.thrift.protocol.TProtocol)7 TSocket (org.apache.thrift.transport.TSocket)7 TFramedTransport (org.apache.thrift.transport.layered.TFramedTransport)7 TCompactProtocol (org.apache.thrift.protocol.TCompactProtocol)5 TConfiguration (org.apache.thrift.TConfiguration)4 TTransport (org.apache.thrift.transport.TTransport)4 IOException (java.io.IOException)3 LoginException (javax.security.auth.login.LoginException)3 UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)3 TException (org.apache.thrift.TException)3 URI (java.net.URI)2 THBaseService (org.apache.hadoop.hbase.thrift2.generated.THBaseService)2 HadoopThriftAuthBridge (org.apache.hadoop.hive.metastore.security.HadoopThriftAuthBridge)2 TTransportException (org.apache.thrift.transport.TTransportException)2 InvocationTargetException (java.lang.reflect.InvocationTargetException)1 UnknownHostException (java.net.UnknownHostException)1 ByteBuffer (java.nio.ByteBuffer)1 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1