Search in sources :

Example 51 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class SchedulerRMProxyFactory method connectToScheduler.

public SchedulerProxyUserInterface connectToScheduler(Credentials credentials) throws LoginException, SchedulerException, ActiveObjectCreationException, NodeException {
    SchedulerProxyUserInterface scheduler = PAActiveObject.newActive(SchedulerProxyUserInterface.class, new Object[] {});
    scheduler.init(PortalConfiguration.SCHEDULER_URL.getValueAsString(), credentials);
    return scheduler;
}
Also used : SchedulerProxyUserInterface(org.ow2.proactive.scheduler.common.util.SchedulerProxyUserInterface)

Example 52 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class RMNodeStarter method connectToResourceManager.

private void connectToResourceManager(String nodeName, Map<String, Node> nodes) {
    ResourceManager rm = this.registerInRM(credentials, rmURL, nodeName, nodes.values());
    resetReconnectionAttemptsLeft();
    pingAllNodes(nodes, rm);
}
Also used : ResourceManager(org.ow2.proactive.resourcemanager.frontend.ResourceManager)

Example 53 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class SSHInfrastructureV2 method startNodeImpl.

/**
 * Internal node acquisition method
 * <p>
 * Starts a PA runtime on remote host using SSH, register it manually in the
 * nodesource.
 *
 * @param hostTracker The host on which one the node will be started
 * @param nbNodes number of nodes to deploy
 * @param depNodeURLs list of deploying or lost nodes urls created
 * @throws RMException
 *             acquisition failed
 */
public void startNodeImpl(final HostTracker hostTracker, final int nbNodes, final List<String> depNodeURLs) throws RMException {
    String fs = getTargetOSObj().fs;
    // we set the java security policy file
    ArrayList<String> sb = new ArrayList<>();
    final boolean containsSpace = schedulingPath.contains(" ");
    if (!deploymentMode.equals("useNodeJarStartupScript")) {
        if (containsSpace) {
            sb.add("-Dproactive.home=\"" + schedulingPath + "\"");
        } else {
            sb.add("-Dproactive.home=" + schedulingPath);
        }
    }
    String securitycmd = CentralPAPropertyRepository.JAVA_SECURITY_POLICY.getCmdLine();
    if (!this.javaOptions.contains(securitycmd) && !deploymentMode.equals("useNodeJarStartupScript")) {
        if (containsSpace) {
            securitycmd += "\"";
        }
        securitycmd += this.schedulingPath + fs + "config" + fs;
        securitycmd += "security.java.policy-client";
        if (containsSpace) {
            securitycmd += "\"";
        }
        sb.add(securitycmd);
    }
    // we set the log4j configuration file
    String log4jcmd = CentralPAPropertyRepository.LOG4J.getCmdLine();
    if (!this.javaOptions.contains(log4jcmd) && !deploymentMode.equals("useNodeJarStartupScript")) {
        // log4j only understands urls
        if (containsSpace) {
            log4jcmd += "\"";
        }
        log4jcmd += "file:";
        if (!this.schedulingPath.startsWith("/")) {
            log4jcmd += "/";
        }
        log4jcmd += this.schedulingPath.replace("\\", "/");
        log4jcmd += "/config/log/node.properties";
        if (containsSpace) {
            log4jcmd += "\"";
        }
        sb.add(log4jcmd);
    }
    // we add extra java/PA configuration
    if (this.javaOptions != null && !this.javaOptions.trim().isEmpty()) {
        sb.add(this.javaOptions.trim());
    }
    CommandLineBuilder clb = super.getDefaultCommandLineBuilder(getTargetOSObj());
    final boolean deployNodesInDetachedMode = PAResourceManagerProperties.RM_NODES_RECOVERY.getValueAsBoolean() || PAResourceManagerProperties.RM_PRESERVE_NODES_ON_SHUTDOWN.getValueAsBoolean();
    if (deployNodesInDetachedMode) {
        // if we do not want to kill the nodes when the RM exits or
        // restarts, then we should launch the nodes in background and
        // ignore the RM termination signal
        clb.setDetached();
    }
    clb.setJavaPath(this.javaPath);
    clb.setRmHome(this.schedulingPath);
    clb.setPaProperties(sb);
    final String nodeName = nodeNameBuilder.generateNodeName(hostTracker);
    clb.setNodeName(nodeName);
    clb.setNumberOfNodes(nbNodes);
    // set the stratup script retrieved from NodeCommandLine.properties
    if (!this.deploymentMode.equals("autoGenerated")) {
        clb.setDeploymentMode(deploymentMode);
        clb.setStartupScript((deploymentMode.equals("useStartupScript") ? startupScriptStandard : startupScriptWithNodeJarDownload));
    }
    if (this.deploymentMode.equals("useNodeJarStartupScript")) {
        clb.setNodeJarUrl(nodeJarUrl);
    }
    // finally, the credential's value
    String credString;
    try {
        Client currentClient = super.nodeSource.getAdministrator();
        credString = new String(currentClient.getCredentials().getBase64());
    } catch (KeyException e) {
        throw new RMException("Could not get base64 credentials", e);
    }
    clb.setCredentialsValueAndNullOthers(credString);
    // add an expected node. every unexpected node will be discarded
    String cmdLine;
    String obfuscatedCmdLine;
    try {
        cmdLine = clb.buildCommandLine(true);
        obfuscatedCmdLine = clb.buildCommandLine(false);
    } catch (IOException e) {
        throw new RMException("Cannot build the " + RMNodeStarter.class.getSimpleName() + "'s command line.", e);
    }
    // one escape the command to make it runnable through ssh
    if (cmdLine.contains("\"")) {
        cmdLine = cmdLine.replaceAll("\"", "\\\\\"");
    }
    final String finalCmdLine = cmdLine;
    // The final addDeployingNode() method will initiate a timeout that
    // will declare node as lost and set the description of the failure
    // with a simplistic message, since there is no way to override this
    // mechanism we consider only 90% of timeout to set custom description
    // in case of failure and still allow global timeout
    final int shorterTimeout = Math.round((90 * super.nodeTimeOut) / 100);
    JSch jsch = new JSch();
    final String msg = "deploy on " + hostTracker.getResolvedAddress();
    final List<String> createdNodeNames = RMNodeStarter.getWorkersNodeNames(nodeName, nbNodes);
    depNodeURLs.addAll(addMultipleDeployingNodes(createdNodeNames, obfuscatedCmdLine, msg, super.nodeTimeOut));
    addTimeouts(depNodeURLs);
    Session session;
    try {
        // Create ssh session to the hostname
        session = jsch.getSession(this.sshUsername, hostTracker.getResolvedAddress().getHostName(), this.sshPort);
        if (this.sshPassword == null) {
            jsch.addIdentity(this.sshUsername, this.sshPrivateKey, null, null);
        } else {
            session.setPassword(this.sshPassword);
        }
        session.setConfig(this.sshOptions);
        session.connect(shorterTimeout);
    } catch (JSchException e) {
        multipleDeclareDeployingNodeLost(depNodeURLs, "unable to " + msg + "\n" + getStackTraceAsString(e));
        throw new RMException("unable to " + msg, e);
    }
    SSHInfrastructureV2.logger.info("Executing SSH command: '" + finalCmdLine + "'");
    ScheduledExecutorService deployService = Executors.newSingleThreadScheduledExecutor();
    try {
        // Create ssh channel to run the cmd
        ByteArrayOutputStream baos = new ByteArrayOutputStream(DEFAULT_OUTPUT_BUFFER_LENGTH);
        ChannelExec channel;
        try {
            channel = (ChannelExec) session.openChannel("exec");
            channel.setCommand(finalCmdLine);
            channel.setOutputStream(baos);
            channel.setErrStream(baos);
            channel.connect();
        } catch (JSchException e) {
            multipleDeclareDeployingNodeLost(depNodeURLs, "unable to " + msg + "\n" + getStackTraceAsString(e));
            throw new RMException("unable to " + msg, e);
        }
        final ChannelExec chan = channel;
        Future<Void> deployResult = deployService.submit(new Callable<Void>() {

            @Override
            public Void call() throws Exception {
                while (!shutDown.get() && !checkAllNodesAreAcquiredAndDo(createdNodeNames, null, null)) {
                    if (anyTimedOut(depNodeURLs)) {
                        throw new IllegalStateException("The upper infrastructure has issued a timeout");
                    }
                    // processes live completely independently
                    if (!deployNodesInDetachedMode && chan.getExitStatus() != PROCESS_STILL_RUNNING_VALUE) {
                        throw new IllegalStateException("The jvm process of the node has exited prematurely");
                    }
                    try {
                        Thread.sleep(1000);
                    } catch (InterruptedException e) {
                        // we know the cause of this
                        return null;
                    // interruption just exit
                    }
                }
                // Victory
                return null;
            }
        });
        try {
            deployResult.get(shorterTimeout, TimeUnit.MILLISECONDS);
        } catch (ExecutionException e) {
            declareLostAndThrow("Unable to " + msg + " due to " + e.getCause(), depNodeURLs, channel, baos, e);
        } catch (InterruptedException e) {
            deployResult.cancel(true);
            declareLostAndThrow("Unable to " + msg + " due to an interruption", depNodeURLs, channel, baos, e);
        } catch (TimeoutException e) {
            deployResult.cancel(true);
            declareLostAndThrow("Unable to " + msg + " due to timeout", depNodeURLs, channel, baos, e);
        } finally {
            channel.disconnect();
        }
    } finally {
        removeTimeouts(depNodeURLs);
        session.disconnect();
        deployService.shutdownNow();
    }
}
Also used : JSchException(com.jcraft.jsch.JSchException) Throwables.getStackTraceAsString(com.google.common.base.Throwables.getStackTraceAsString) CommandLineBuilder(org.ow2.proactive.resourcemanager.utils.CommandLineBuilder) JSch(com.jcraft.jsch.JSch) RMException(org.ow2.proactive.resourcemanager.exception.RMException) Client(org.ow2.proactive.resourcemanager.authentication.Client) ExecutionException(java.util.concurrent.ExecutionException) TimeoutException(java.util.concurrent.TimeoutException) ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService) IOException(java.io.IOException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) KeyException(java.security.KeyException) ChannelExec(com.jcraft.jsch.ChannelExec) KeyException(java.security.KeyException) TimeoutException(java.util.concurrent.TimeoutException) IOException(java.io.IOException) RMException(org.ow2.proactive.resourcemanager.exception.RMException) ExecutionException(java.util.concurrent.ExecutionException) JSchException(com.jcraft.jsch.JSchException) Session(com.jcraft.jsch.Session)

Example 54 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class AutoUpdateInfrastructure method startNodeImpl.

/**
 * Internal node acquisition method
 * <p>
 * Starts a PA runtime on remote host using a custom script, register it
 * manually in the nodesource.
 *
 * @param hostTracker The host on which one the node will be started
 * @param nbNodes number of nodes to deploy
 * @param depNodeURLs list of deploying or lost nodes urls created
 * @throws org.ow2.proactive.resourcemanager.exception.RMException
 *             acquisition failed
 */
protected void startNodeImpl(HostTracker hostTracker, int nbNodes, final List<String> depNodeURLs) throws RMException {
    final String nodeName = this.nodeSource.getName() + "-" + ProActiveCounter.getUniqID();
    String credentials = "";
    try {
        credentials = new String(nodeSource.getAdministrator().getCredentials().getBase64());
    } catch (KeyException e) {
        logger.error("Invalid credentials");
        return;
    }
    Properties localProperties = new Properties();
    localProperties.put(NODE_NAME, nodeName);
    localProperties.put(HOST_NAME, hostTracker.getResolvedAddress().getHostName());
    localProperties.put(NODESOURCE_CREDENTIALS, credentials);
    localProperties.put(NODESOURCE_NAME, nodeSource.getName());
    localProperties.put(NB_NODES, nbNodes);
    String filledCommand = replaceProperties(command, localProperties);
    filledCommand = replaceProperties(filledCommand, System.getProperties());
    final List<String> createdNodeNames = RMNodeStarter.getWorkersNodeNames(nodeName, nbNodes);
    depNodeURLs.addAll(addMultipleDeployingNodes(createdNodeNames, filledCommand, "Deploying node on host " + hostTracker.getResolvedAddress(), this.nodeTimeOut));
    addTimeouts(depNodeURLs);
    Process p;
    try {
        logger.debug("Deploying node: " + nodeName);
        logger.debug("Launching the command: " + filledCommand);
        p = Runtime.getRuntime().exec(new String[] { "bash", "-c", filledCommand });
    } catch (IOException e1) {
        multipleDeclareDeployingNodeLost(depNodeURLs, "Cannot run command: " + filledCommand + " - \n The following exception occurred: " + getStackTraceAsString(e1));
        throw new RMException("Cannot run command: " + filledCommand, e1);
    }
    String lf = System.lineSeparator();
    int circuitBreakerThreshold = 5;
    while (!anyTimedOut(depNodeURLs) && circuitBreakerThreshold > 0) {
        try {
            int exitCode = p.exitValue();
            if (exitCode != 0) {
                logger.error("Child process at " + hostTracker.getResolvedAddress().getHostName() + " exited abnormally (" + exitCode + ").");
            } else {
                logger.error("Launching node script has exited normally whereas it shouldn't.");
            }
            String pOutPut = Utils.extractProcessOutput(p);
            String pErrPut = Utils.extractProcessErrput(p);
            final String description = "Script failed to launch a node on host " + hostTracker.getResolvedAddress().getHostName() + lf + "   >Error code: " + exitCode + lf + "   >Errput: " + pErrPut + "   >Output: " + pOutPut;
            logger.error(description);
            if (super.checkNodeIsAcquiredAndDo(nodeName, null, new Runnable() {

                public void run() {
                    multipleDeclareDeployingNodeLost(depNodeURLs, description);
                }
            })) {
                return;
            } else {
                // there isn't any race regarding node registration
                throw new RMException("A node " + nodeName + " is not expected anymore because of an error.");
            }
        } catch (IllegalThreadStateException e) {
            logger.trace("IllegalThreadStateException while waiting for " + nodeName + " registration");
        }
        if (super.checkNodeIsAcquiredAndDo(nodeName, null, null)) {
            // registration is ok, we destroy the process
            logger.debug("Destroying the process: " + p);
            try {
                ProcessTree.get().get(p).kill();
            } catch (InterruptedException e) {
                Thread.currentThread().interrupt();
            }
            return;
        }
        try {
            Thread.sleep(1000);
        } catch (Exception e) {
            circuitBreakerThreshold--;
            logger.trace("An exception occurred while monitoring a child process", e);
        }
    }
    // if we exit because of a timeout
    if (anyTimedOut(depNodeURLs)) {
        // we remove it
        removeTimeouts(depNodeURLs);
        // we destroy the process
        p.destroy();
        throw new RMException("Deploying Node " + nodeName + " not expected any more");
    }
    if (circuitBreakerThreshold <= 0) {
        logger.error("Circuit breaker threshold reached while monitoring a child process.");
        throw new RMException("Several exceptions occurred while monitoring a child process.");
    }
}
Also used : Throwables.getStackTraceAsString(com.google.common.base.Throwables.getStackTraceAsString) IOException(java.io.IOException) Properties(java.util.Properties) KeyException(java.security.KeyException) RMException(org.ow2.proactive.resourcemanager.exception.RMException) KeyException(java.security.KeyException) IOException(java.io.IOException) RMException(org.ow2.proactive.resourcemanager.exception.RMException)

Example 55 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class LocalInfrastructure method startNodeProcess.

private void startNodeProcess(int numberOfNodes) {
    logger.debug("Starting a new process to acquire " + numberOfNodes + " nodes");
    int currentIndex = getIndexAndIncrementWithLockAndPersist();
    String baseNodeName = "local-" + this.nodeSource.getName() + "-" + currentIndex;
    OperatingSystem os = OperatingSystem.UNIX;
    // assuming no cygwin, windows or the "others"...
    if (System.getProperty("os.name").contains("Windows")) {
        os = OperatingSystem.WINDOWS;
    }
    String rmHome = PAResourceManagerProperties.RM_HOME.getValueAsString();
    if (!rmHome.endsWith(os.fs)) {
        rmHome += os.fs;
    }
    CommandLineBuilder clb = this.getDefaultCommandLineBuilder(os);
    // RM_Home set in bin/unix/env script
    clb.setRmHome(rmHome);
    ArrayList<String> paPropList = new ArrayList<>();
    if (!this.paProperties.contains(CentralPAPropertyRepository.JAVA_SECURITY_POLICY.getName())) {
        paPropList.add(CentralPAPropertyRepository.JAVA_SECURITY_POLICY.getCmdLine() + rmHome + "config" + os.fs + "security.java.policy-client");
    }
    if (!this.paProperties.contains(CentralPAPropertyRepository.PA_CONFIGURATION_FILE.getName())) {
        paPropList.add(CentralPAPropertyRepository.PA_CONFIGURATION_FILE.getCmdLine() + rmHome + "config" + os.fs + "network" + os.fs + "node.ini");
    }
    if (!this.paProperties.contains(PAResourceManagerProperties.RM_HOME.getKey())) {
        paPropList.add(PAResourceManagerProperties.RM_HOME.getCmdLine() + rmHome);
    }
    if (!this.paProperties.contains("java.library.path")) {
        paPropList.add("-Djava.library.path=" + System.getProperty("java.library.path"));
    }
    if (!this.paProperties.isEmpty()) {
        Collections.addAll(paPropList, this.paProperties.split(" "));
    }
    clb.setPaProperties(paPropList);
    clb.setNodeName(baseNodeName);
    clb.setNumberOfNodes(numberOfNodes);
    try {
        clb.setCredentialsValueAndNullOthers(getCredentials());
    } catch (KeyException e) {
        createLostNodes(baseNodeName, numberOfNodes, "Cannot decrypt credentials value", e);
        return;
    }
    List<String> cmd;
    try {
        cmd = clb.buildCommandLineAsList(false);
    } catch (IOException e) {
        createLostNodes(baseNodeName, numberOfNodes, "Cannot build command line", e);
        return;
    }
    // The printed cmd with obfuscated credentials
    final String obfuscatedCmd = Joiner.on(' ').join(cmd);
    List<String> depNodeURLs = new ArrayList<>(numberOfNodes);
    final List<String> createdNodeNames = RMNodeStarter.getWorkersNodeNames(baseNodeName, numberOfNodes);
    ProcessExecutor processExecutor = null;
    try {
        depNodeURLs.addAll(addMultipleDeployingNodes(createdNodeNames, obfuscatedCmd, "Node launched locally", this.nodeTimeout));
        // Deobfuscate the cred value
        Collections.replaceAll(cmd, CommandLineBuilder.OBFUSC, clb.getCredentialsValue());
        processExecutor = new ProcessExecutor(baseNodeName, cmd, false, true);
        this.processExecutorsToDeploying.put(processExecutor, depNodeURLs);
        for (String deployingNodeUrl : depNodeURLs) {
            this.deployingToProcessExecutors.put(deployingNodeUrl, processExecutor);
        }
        processExecutor.start();
        final ProcessExecutor tmpProcessExecutor = processExecutor;
        Runtime.getRuntime().addShutdownHook(new Thread(() -> {
            if (tmpProcessExecutor != null && !tmpProcessExecutor.isProcessFinished()) {
                tmpProcessExecutor.killProcess();
            }
        }));
        logger.debug("Local Nodes command started : " + obfuscatedCmd);
    } catch (IOException e) {
        String lf = System.lineSeparator();
        String mess = "Cannot launch rm node " + baseNodeName + lf + Throwables.getStackTraceAsString(e);
        multipleDeclareDeployingNodeLost(depNodeURLs, mess);
        if (processExecutor != null) {
            processExecutor.killProcess();
            this.processExecutorsToDeploying.remove(processExecutor);
            for (String deployingNodeUrl : depNodeURLs) {
                this.deployingToProcessExecutors.remove(deployingNodeUrl);
            }
        }
    }
}
Also used : OperatingSystem(org.ow2.proactive.resourcemanager.utils.OperatingSystem) ArrayList(java.util.ArrayList) CommandLineBuilder(org.ow2.proactive.resourcemanager.utils.CommandLineBuilder) IOException(java.io.IOException) ProcessExecutor(org.ow2.proactive.process.ProcessExecutor) KeyException(java.security.KeyException)

Aggregations

Credentials (org.ow2.proactive.authentication.crypto.Credentials)52 CredData (org.ow2.proactive.authentication.crypto.CredData)45 KeyException (java.security.KeyException)20 ResourceManager (org.ow2.proactive.resourcemanager.frontend.ResourceManager)18 LoginException (javax.security.auth.login.LoginException)17 PublicKey (java.security.PublicKey)15 Test (org.junit.Test)15 RMAuthentication (org.ow2.proactive.resourcemanager.authentication.RMAuthentication)14 HashMap (java.util.HashMap)13 IOException (java.io.IOException)12 SchedulerAuthenticationInterface (org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)12 File (java.io.File)9 NotConnectedException (org.ow2.proactive.scheduler.common.exception.NotConnectedException)8 RMFunctionalTest (functionaltests.utils.RMFunctionalTest)6 JMXServiceURL (javax.management.remote.JMXServiceURL)6 ActiveObjectCreationException (org.objectweb.proactive.ActiveObjectCreationException)6 Node (org.objectweb.proactive.core.node.Node)6 RMException (org.ow2.proactive.resourcemanager.exception.RMException)6 PermissionException (org.ow2.proactive.scheduler.common.exception.PermissionException)6 JMXConnector (javax.management.remote.JMXConnector)5