Example 51 with Credentials
use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.
the class SchedulerRMProxyFactory method connectToScheduler.
public SchedulerProxyUserInterface connectToScheduler(Credentials credentials) throws LoginException, SchedulerException, ActiveObjectCreationException, NodeException {
SchedulerProxyUserInterface scheduler = PAActiveObject.newActive(SchedulerProxyUserInterface.class, new Object[] {});
scheduler.init(PortalConfiguration.SCHEDULER_URL.getValueAsString(), credentials);
return scheduler;
}
Also used :
SchedulerProxyUserInterface(org.ow2.proactive.scheduler.common.util.SchedulerProxyUserInterface)
Example 52 with Credentials
use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.
the class RMNodeStarter method connectToResourceManager.
private void connectToResourceManager(String nodeName, Map<String, Node> nodes) {
ResourceManager rm = this.registerInRM(credentials, rmURL, nodeName, nodes.values());
resetReconnectionAttemptsLeft();
pingAllNodes(nodes, rm);
}
Also used :
ResourceManager(org.ow2.proactive.resourcemanager.frontend.ResourceManager)
Example 53 with Credentials
use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.
the class SSHInfrastructureV2 method startNodeImpl.
/**
* Internal node acquisition method
* <p>
* Starts a PA runtime on remote host using SSH, register it manually in the
* nodesource.
*
* @param hostTracker The host on which one the node will be started
* @param nbNodes number of nodes to deploy
* @param depNodeURLs list of deploying or lost nodes urls created
* @throws RMException
* acquisition failed
*/
public void startNodeImpl(final HostTracker hostTracker, final int nbNodes, final List<String> depNodeURLs) throws RMException {
String fs = getTargetOSObj().fs;
// we set the java security policy file
ArrayList<String> sb = new ArrayList<>();
final boolean containsSpace = schedulingPath.contains(" ");
if (!deploymentMode.equals("useNodeJarStartupScript")) {
if (containsSpace) {
sb.add("-Dproactive.home=\"" + schedulingPath + "\"");
} else {
sb.add("-Dproactive.home=" + schedulingPath);
}
}
String securitycmd = CentralPAPropertyRepository.JAVA_SECURITY_POLICY.getCmdLine();
if (!this.javaOptions.contains(securitycmd) && !deploymentMode.equals("useNodeJarStartupScript")) {
if (containsSpace) {
securitycmd += "\"";
}
securitycmd += this.schedulingPath + fs + "config" + fs;
securitycmd += "security.java.policy-client";
if (containsSpace) {
securitycmd += "\"";
}
sb.add(securitycmd);
}
// we set the log4j configuration file
String log4jcmd = CentralPAPropertyRepository.LOG4J.getCmdLine();
if (!this.javaOptions.contains(log4jcmd) && !deploymentMode.equals("useNodeJarStartupScript")) {
// log4j only understands urls
if (containsSpace) {
log4jcmd += "\"";
}
log4jcmd += "file:";
if (!this.schedulingPath.startsWith("/")) {
log4jcmd += "/";
}
log4jcmd += this.schedulingPath.replace("\\", "/");
log4jcmd += "/config/log/node.properties";
if (containsSpace) {
log4jcmd += "\"";
}
sb.add(log4jcmd);
}
// we add extra java/PA configuration
if (this.javaOptions != null && !this.javaOptions.trim().isEmpty()) {
sb.add(this.javaOptions.trim());
}
CommandLineBuilder clb = super.getDefaultCommandLineBuilder(getTargetOSObj());
final boolean deployNodesInDetachedMode = PAResourceManagerProperties.RM_NODES_RECOVERY.getValueAsBoolean() || PAResourceManagerProperties.RM_PRESERVE_NODES_ON_SHUTDOWN.getValueAsBoolean();
if (deployNodesInDetachedMode) {
// if we do not want to kill the nodes when the RM exits or
// restarts, then we should launch the nodes in background and
// ignore the RM termination signal
clb.setDetached();
}
clb.setJavaPath(this.javaPath);
clb.setRmHome(this.schedulingPath);
clb.setPaProperties(sb);
final String nodeName = nodeNameBuilder.generateNodeName(hostTracker);
clb.setNodeName(nodeName);
clb.setNumberOfNodes(nbNodes);
// set the stratup script retrieved from NodeCommandLine.properties
if (!this.deploymentMode.equals("autoGenerated")) {
clb.setDeploymentMode(deploymentMode);
clb.setStartupScript((deploymentMode.equals("useStartupScript") ? startupScriptStandard : startupScriptWithNodeJarDownload));
}
if (this.deploymentMode.equals("useNodeJarStartupScript")) {
clb.setNodeJarUrl(nodeJarUrl);
}
// finally, the credential's value
String credString;
try {
Client currentClient = super.nodeSource.getAdministrator();
credString = new String(currentClient.getCredentials().getBase64());
} catch (KeyException e) {
throw new RMException("Could not get base64 credentials", e);
}
clb.setCredentialsValueAndNullOthers(credString);
// add an expected node. every unexpected node will be discarded
String cmdLine;
String obfuscatedCmdLine;
try {
cmdLine = clb.buildCommandLine(true);
obfuscatedCmdLine = clb.buildCommandLine(false);
} catch (IOException e) {
throw new RMException("Cannot build the " + RMNodeStarter.class.getSimpleName() + "'s command line.", e);
}
// one escape the command to make it runnable through ssh
if (cmdLine.contains("\"")) {
cmdLine = cmdLine.replaceAll("\"", "\\\\\"");
}
final String finalCmdLine = cmdLine;
// The final addDeployingNode() method will initiate a timeout that
// will declare node as lost and set the description of the failure
// with a simplistic message, since there is no way to override this
// mechanism we consider only 90% of timeout to set custom description
// in case of failure and still allow global timeout
final int shorterTimeout = Math.round((90 * super.nodeTimeOut) / 100);
JSch jsch = new JSch();
final String msg = "deploy on " + hostTracker.getResolvedAddress();
final List<String> createdNodeNames = RMNodeStarter.getWorkersNodeNames(nodeName, nbNodes);
depNodeURLs.addAll(addMultipleDeployingNodes(createdNodeNames, obfuscatedCmdLine, msg, super.nodeTimeOut));
addTimeouts(depNodeURLs);
Session session;
try {
// Create ssh session to the hostname
session = jsch.getSession(this.sshUsername, hostTracker.getResolvedAddress().getHostName(), this.sshPort);
if (this.sshPassword == null) {
jsch.addIdentity(this.sshUsername, this.sshPrivateKey, null, null);
} else {
session.setPassword(this.sshPassword);
}
session.setConfig(this.sshOptions);
session.connect(shorterTimeout);
} catch (JSchException e) {
multipleDeclareDeployingNodeLost(depNodeURLs, "unable to " + msg + "\n" + getStackTraceAsString(e));
throw new RMException("unable to " + msg, e);
}
SSHInfrastructureV2.logger.info("Executing SSH command: '" + finalCmdLine + "'");
ScheduledExecutorService deployService = Executors.newSingleThreadScheduledExecutor();
try {
// Create ssh channel to run the cmd
ByteArrayOutputStream baos = new ByteArrayOutputStream(DEFAULT_OUTPUT_BUFFER_LENGTH);
ChannelExec channel;
try {
channel = (ChannelExec) session.openChannel("exec");
channel.setCommand(finalCmdLine);
channel.setOutputStream(baos);
channel.setErrStream(baos);
channel.connect();
} catch (JSchException e) {
multipleDeclareDeployingNodeLost(depNodeURLs, "unable to " + msg + "\n" + getStackTraceAsString(e));
throw new RMException("unable to " + msg, e);
}
final ChannelExec chan = channel;
Future<Void> deployResult = deployService.submit(new Callable<Void>() {
@Override
public Void call() throws Exception {
while (!shutDown.get() && !checkAllNodesAreAcquiredAndDo(createdNodeNames, null, null)) {
if (anyTimedOut(depNodeURLs)) {
throw new IllegalStateException("The upper infrastructure has issued a timeout");
}
// processes live completely independently
if (!deployNodesInDetachedMode && chan.getExitStatus() != PROCESS_STILL_RUNNING_VALUE) {
throw new IllegalStateException("The jvm process of the node has exited prematurely");
}
try {
Thread.sleep(1000);
} catch (InterruptedException e) {
// we know the cause of this
return null;
// interruption just exit
}
}
// Victory
return null;
}
});
try {
deployResult.get(shorterTimeout, TimeUnit.MILLISECONDS);
} catch (ExecutionException e) {
declareLostAndThrow("Unable to " + msg + " due to " + e.getCause(), depNodeURLs, channel, baos, e);
} catch (InterruptedException e) {
deployResult.cancel(true);
declareLostAndThrow("Unable to " + msg + " due to an interruption", depNodeURLs, channel, baos, e);
} catch (TimeoutException e) {
deployResult.cancel(true);
declareLostAndThrow("Unable to " + msg + " due to timeout", depNodeURLs, channel, baos, e);
} finally {
channel.disconnect();
}
} finally {
removeTimeouts(depNodeURLs);
session.disconnect();
deployService.shutdownNow();
}
}
Also used :
JSchException(com.jcraft.jsch.JSchException)
Throwables.getStackTraceAsString(com.google.common.base.Throwables.getStackTraceAsString)
CommandLineBuilder(org.ow2.proactive.resourcemanager.utils.CommandLineBuilder)
JSch(com.jcraft.jsch.JSch)
RMException(org.ow2.proactive.resourcemanager.exception.RMException)
Client(org.ow2.proactive.resourcemanager.authentication.Client)
ExecutionException(java.util.concurrent.ExecutionException)
TimeoutException(java.util.concurrent.TimeoutException)
ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService)
IOException(java.io.IOException)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
KeyException(java.security.KeyException)
ChannelExec(com.jcraft.jsch.ChannelExec)
KeyException(java.security.KeyException)
TimeoutException(java.util.concurrent.TimeoutException)
IOException(java.io.IOException)
RMException(org.ow2.proactive.resourcemanager.exception.RMException)
ExecutionException(java.util.concurrent.ExecutionException)
JSchException(com.jcraft.jsch.JSchException)
Session(com.jcraft.jsch.Session)
Example 54 with Credentials
use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.
the class AutoUpdateInfrastructure method startNodeImpl.
/**
* Internal node acquisition method
* <p>
* Starts a PA runtime on remote host using a custom script, register it
* manually in the nodesource.
*
* @param hostTracker The host on which one the node will be started
* @param nbNodes number of nodes to deploy
* @param depNodeURLs list of deploying or lost nodes urls created
* @throws org.ow2.proactive.resourcemanager.exception.RMException
* acquisition failed
*/
protected void startNodeImpl(HostTracker hostTracker, int nbNodes, final List<String> depNodeURLs) throws RMException {
final String nodeName = this.nodeSource.getName() + "-" + ProActiveCounter.getUniqID();
String credentials = "";
try {
credentials = new String(nodeSource.getAdministrator().getCredentials().getBase64());
} catch (KeyException e) {
logger.error("Invalid credentials");
return;
}
Properties localProperties = new Properties();
localProperties.put(NODE_NAME, nodeName);
localProperties.put(HOST_NAME, hostTracker.getResolvedAddress().getHostName());
localProperties.put(NODESOURCE_CREDENTIALS, credentials);
localProperties.put(NODESOURCE_NAME, nodeSource.getName());
localProperties.put(NB_NODES, nbNodes);
String filledCommand = replaceProperties(command, localProperties);
filledCommand = replaceProperties(filledCommand, System.getProperties());
final List<String> createdNodeNames = RMNodeStarter.getWorkersNodeNames(nodeName, nbNodes);
depNodeURLs.addAll(addMultipleDeployingNodes(createdNodeNames, filledCommand, "Deploying node on host " + hostTracker.getResolvedAddress(), this.nodeTimeOut));
addTimeouts(depNodeURLs);
Process p;
try {
logger.debug("Deploying node: " + nodeName);
logger.debug("Launching the command: " + filledCommand);
p = Runtime.getRuntime().exec(new String[] { "bash", "-c", filledCommand });
} catch (IOException e1) {
multipleDeclareDeployingNodeLost(depNodeURLs, "Cannot run command: " + filledCommand + " - \n The following exception occurred: " + getStackTraceAsString(e1));
throw new RMException("Cannot run command: " + filledCommand, e1);
}
String lf = System.lineSeparator();
int circuitBreakerThreshold = 5;
while (!anyTimedOut(depNodeURLs) && circuitBreakerThreshold > 0) {
try {
int exitCode = p.exitValue();
if (exitCode != 0) {
logger.error("Child process at " + hostTracker.getResolvedAddress().getHostName() + " exited abnormally (" + exitCode + ").");
} else {
logger.error("Launching node script has exited normally whereas it shouldn't.");
}
String pOutPut = Utils.extractProcessOutput(p);
String pErrPut = Utils.extractProcessErrput(p);
final String description = "Script failed to launch a node on host " + hostTracker.getResolvedAddress().getHostName() + lf + " >Error code: " + exitCode + lf + " >Errput: " + pErrPut + " >Output: " + pOutPut;
logger.error(description);
if (super.checkNodeIsAcquiredAndDo(nodeName, null, new Runnable() {
public void run() {
multipleDeclareDeployingNodeLost(depNodeURLs, description);
}
})) {
return;
} else {
// there isn't any race regarding node registration
throw new RMException("A node " + nodeName + " is not expected anymore because of an error.");
}
} catch (IllegalThreadStateException e) {
logger.trace("IllegalThreadStateException while waiting for " + nodeName + " registration");
}
if (super.checkNodeIsAcquiredAndDo(nodeName, null, null)) {
// registration is ok, we destroy the process
logger.debug("Destroying the process: " + p);
try {
ProcessTree.get().get(p).kill();
} catch (InterruptedException e) {
Thread.currentThread().interrupt();
}
return;
}
try {
Thread.sleep(1000);
} catch (Exception e) {
circuitBreakerThreshold--;
logger.trace("An exception occurred while monitoring a child process", e);
}
}
// if we exit because of a timeout
if (anyTimedOut(depNodeURLs)) {
// we remove it
removeTimeouts(depNodeURLs);
// we destroy the process
p.destroy();
throw new RMException("Deploying Node " + nodeName + " not expected any more");
}
if (circuitBreakerThreshold <= 0) {
logger.error("Circuit breaker threshold reached while monitoring a child process.");
throw new RMException("Several exceptions occurred while monitoring a child process.");
}
}
Also used :
Throwables.getStackTraceAsString(com.google.common.base.Throwables.getStackTraceAsString)
IOException(java.io.IOException)
Properties(java.util.Properties)
KeyException(java.security.KeyException)
RMException(org.ow2.proactive.resourcemanager.exception.RMException)
KeyException(java.security.KeyException)
IOException(java.io.IOException)
RMException(org.ow2.proactive.resourcemanager.exception.RMException)
Example 55 with Credentials
use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.
the class LocalInfrastructure method startNodeProcess.
private void startNodeProcess(int numberOfNodes) {
logger.debug("Starting a new process to acquire " + numberOfNodes + " nodes");
int currentIndex = getIndexAndIncrementWithLockAndPersist();
String baseNodeName = "local-" + this.nodeSource.getName() + "-" + currentIndex;
OperatingSystem os = OperatingSystem.UNIX;
// assuming no cygwin, windows or the "others"...
if (System.getProperty("os.name").contains("Windows")) {
os = OperatingSystem.WINDOWS;
}
String rmHome = PAResourceManagerProperties.RM_HOME.getValueAsString();
if (!rmHome.endsWith(os.fs)) {
rmHome += os.fs;
}
CommandLineBuilder clb = this.getDefaultCommandLineBuilder(os);
// RM_Home set in bin/unix/env script
clb.setRmHome(rmHome);
ArrayList<String> paPropList = new ArrayList<>();
if (!this.paProperties.contains(CentralPAPropertyRepository.JAVA_SECURITY_POLICY.getName())) {
paPropList.add(CentralPAPropertyRepository.JAVA_SECURITY_POLICY.getCmdLine() + rmHome + "config" + os.fs + "security.java.policy-client");
}
if (!this.paProperties.contains(CentralPAPropertyRepository.PA_CONFIGURATION_FILE.getName())) {
paPropList.add(CentralPAPropertyRepository.PA_CONFIGURATION_FILE.getCmdLine() + rmHome + "config" + os.fs + "network" + os.fs + "node.ini");
}
if (!this.paProperties.contains(PAResourceManagerProperties.RM_HOME.getKey())) {
paPropList.add(PAResourceManagerProperties.RM_HOME.getCmdLine() + rmHome);
}
if (!this.paProperties.contains("java.library.path")) {
paPropList.add("-Djava.library.path=" + System.getProperty("java.library.path"));
}
if (!this.paProperties.isEmpty()) {
Collections.addAll(paPropList, this.paProperties.split(" "));
}
clb.setPaProperties(paPropList);
clb.setNodeName(baseNodeName);
clb.setNumberOfNodes(numberOfNodes);
try {
clb.setCredentialsValueAndNullOthers(getCredentials());
} catch (KeyException e) {
createLostNodes(baseNodeName, numberOfNodes, "Cannot decrypt credentials value", e);
return;
}
List<String> cmd;
try {
cmd = clb.buildCommandLineAsList(false);
} catch (IOException e) {
createLostNodes(baseNodeName, numberOfNodes, "Cannot build command line", e);
return;
}
// The printed cmd with obfuscated credentials
final String obfuscatedCmd = Joiner.on(' ').join(cmd);
List<String> depNodeURLs = new ArrayList<>(numberOfNodes);
final List<String> createdNodeNames = RMNodeStarter.getWorkersNodeNames(baseNodeName, numberOfNodes);
ProcessExecutor processExecutor = null;
try {
depNodeURLs.addAll(addMultipleDeployingNodes(createdNodeNames, obfuscatedCmd, "Node launched locally", this.nodeTimeout));
// Deobfuscate the cred value
Collections.replaceAll(cmd, CommandLineBuilder.OBFUSC, clb.getCredentialsValue());
processExecutor = new ProcessExecutor(baseNodeName, cmd, false, true);
this.processExecutorsToDeploying.put(processExecutor, depNodeURLs);
for (String deployingNodeUrl : depNodeURLs) {
this.deployingToProcessExecutors.put(deployingNodeUrl, processExecutor);
}
processExecutor.start();
final ProcessExecutor tmpProcessExecutor = processExecutor;
Runtime.getRuntime().addShutdownHook(new Thread(() -> {
if (tmpProcessExecutor != null && !tmpProcessExecutor.isProcessFinished()) {
tmpProcessExecutor.killProcess();
}
}));
logger.debug("Local Nodes command started : " + obfuscatedCmd);
} catch (IOException e) {
String lf = System.lineSeparator();
String mess = "Cannot launch rm node " + baseNodeName + lf + Throwables.getStackTraceAsString(e);
multipleDeclareDeployingNodeLost(depNodeURLs, mess);
if (processExecutor != null) {
processExecutor.killProcess();
this.processExecutorsToDeploying.remove(processExecutor);
for (String deployingNodeUrl : depNodeURLs) {
this.deployingToProcessExecutors.remove(deployingNodeUrl);
}
}
}
}
Also used :
OperatingSystem(org.ow2.proactive.resourcemanager.utils.OperatingSystem)
ArrayList(java.util.ArrayList)
CommandLineBuilder(org.ow2.proactive.resourcemanager.utils.CommandLineBuilder)
IOException(java.io.IOException)
ProcessExecutor(org.ow2.proactive.process.ProcessExecutor)
KeyException(java.security.KeyException)
Aggregations
Credentials (org.ow2.proactive.authentication.crypto.Credentials)52
CredData (org.ow2.proactive.authentication.crypto.CredData)45
KeyException (java.security.KeyException)20
ResourceManager (org.ow2.proactive.resourcemanager.frontend.ResourceManager)18
LoginException (javax.security.auth.login.LoginException)17
PublicKey (java.security.PublicKey)15
Test (org.junit.Test)15
RMAuthentication (org.ow2.proactive.resourcemanager.authentication.RMAuthentication)14
HashMap (java.util.HashMap)13
IOException (java.io.IOException)12
SchedulerAuthenticationInterface (org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)12
File (java.io.File)9
NotConnectedException (org.ow2.proactive.scheduler.common.exception.NotConnectedException)8
RMFunctionalTest (functionaltests.utils.RMFunctionalTest)6
JMXServiceURL (javax.management.remote.JMXServiceURL)6
ActiveObjectCreationException (org.objectweb.proactive.ActiveObjectCreationException)6
Node (org.objectweb.proactive.core.node.Node)6
RMException (org.ow2.proactive.resourcemanager.exception.RMException)6
PermissionException (org.ow2.proactive.scheduler.common.exception.PermissionException)6
JMXConnector (javax.management.remote.JMXConnector)5
