hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZonesWithHA.java - hadoop - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.hadoop.hdfs;

 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.crypto.key.JavaKeyStoreProvider;
 import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension;
 import org.apache.hadoop.fs.CommonConfigurationKeysPublic;
 import org.apache.hadoop.fs.permission.FsPermission;
 import org.apache.hadoop.fs.FileSystemTestHelper;
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.hdfs.client.CreateEncryptionZoneFlag;
 import org.apache.hadoop.hdfs.server.namenode.ha.HATestUtil;
 import org.apache.hadoop.hdfs.client.HdfsAdmin;
 import org.apache.hadoop.hdfs.server.namenode.NameNode;
 import org.junit.After;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;

 import java.io.File;
 import java.io.IOException;
 import java.util.EnumSet;

 /**
  * Tests interaction of encryption zones with HA failover.
  */
 public class TestEncryptionZonesWithHA {
   private Configuration conf;
   private MiniDFSCluster cluster;
   private NameNode nn0;
   private NameNode nn1;
   private DistributedFileSystem fs;
   private HdfsAdmin dfsAdmin0;
   private HdfsAdmin dfsAdmin1;
   private FileSystemTestHelper fsHelper;
   private File testRootDir;

   private final String TEST_KEY = "test_key";
   protected static final EnumSet< CreateEncryptionZoneFlag > NO_TRASH =
       EnumSet.of(CreateEncryptionZoneFlag.NO_TRASH);

   @Before
   public void setupCluster() throws Exception {
     conf = new Configuration();
     conf.setInt(DFSConfigKeys.DFS_HA_TAILEDITS_PERIOD_KEY, 1);
     HAUtil.setAllowStandbyReads(conf, true);
     fsHelper = new FileSystemTestHelper();
     String testRoot = fsHelper.getTestRootDir();
     testRootDir = new File(testRoot).getAbsoluteFile();
     conf.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH,
         JavaKeyStoreProvider.SCHEME_NAME + "://file" +
         new Path(testRootDir.toString(), "test.jks").toUri()
     );

     cluster = new MiniDFSCluster.Builder(conf)
       .nnTopology(MiniDFSNNTopology.simpleHATopology())
       .numDataNodes(1)
       .build();
     cluster.waitActive();
     cluster.transitionToActive(0);

     fs = (DistributedFileSystem)HATestUtil.configureFailoverFs(cluster, conf);
     DFSTestUtil.createKey(TEST_KEY, cluster, 0, conf);
     DFSTestUtil.createKey(TEST_KEY, cluster, 1, conf);
     nn0 = cluster.getNameNode(0);
     nn1 = cluster.getNameNode(1);
     dfsAdmin0 = new HdfsAdmin(cluster.getURI(0), conf);
     dfsAdmin1 = new HdfsAdmin(cluster.getURI(1), conf);
     KeyProviderCryptoExtension nn0Provider =
         cluster.getNameNode(0).getNamesystem().getProvider();
     fs.getClient().setKeyProvider(nn0Provider);
   }

   @After
   public void shutdownCluster() throws IOException {
     if (cluster != null) {
       cluster.shutdown();
       cluster = null;
     }
   }

   /**
    * Test that encryption zones are properly tracked by the standby.
    */
   @Test(timeout = 60000)
   public void testEncryptionZonesTrackedOnStandby() throws Exception {
     final int len = 8196;
     final Path dir = new Path("/enc");
     final Path dirChild = new Path(dir, "child");
     final Path dirFile = new Path(dir, "file");
     fs.mkdir(dir, FsPermission.getDirDefault());
     dfsAdmin0.createEncryptionZone(dir, TEST_KEY, NO_TRASH);
     fs.mkdir(dirChild, FsPermission.getDirDefault());
     DFSTestUtil.createFile(fs, dirFile, len, (short) 1, 0xFEED);
     String contents = DFSTestUtil.readFile(fs, dirFile);

     // Failover the current standby to active.
     HATestUtil.waitForStandbyToCatchUp(nn0, nn1);
     cluster.shutdownNameNode(0);
     cluster.transitionToActive(1);

     Assert.assertEquals("Got unexpected ez path", dir.toString(),
         dfsAdmin1.getEncryptionZoneForPath(dir).getPath().toString());
     Assert.assertEquals("Got unexpected ez path", dir.toString(),
         dfsAdmin1.getEncryptionZoneForPath(dirChild).getPath().toString());
     Assert.assertEquals("File contents after failover were changed",
         contents, DFSTestUtil.readFile(fs, dirFile));
   }

 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.hadoop.hdfs;

	import org.apache.hadoop.conf.Configuration;
	import org.apache.hadoop.crypto.key.JavaKeyStoreProvider;
	import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension;
	import org.apache.hadoop.fs.CommonConfigurationKeysPublic;
	import org.apache.hadoop.fs.permission.FsPermission;
	import org.apache.hadoop.fs.FileSystemTestHelper;
	import org.apache.hadoop.fs.Path;
	import org.apache.hadoop.hdfs.client.CreateEncryptionZoneFlag;
	import org.apache.hadoop.hdfs.server.namenode.ha.HATestUtil;
	import org.apache.hadoop.hdfs.client.HdfsAdmin;
	import org.apache.hadoop.hdfs.server.namenode.NameNode;
	import org.junit.After;
	import org.junit.Assert;
	import org.junit.Before;
	import org.junit.Test;

	import java.io.File;
	import java.io.IOException;
	import java.util.EnumSet;

	/**
	* Tests interaction of encryption zones with HA failover.
	*/
	public class TestEncryptionZonesWithHA {
	private Configuration conf;
	private MiniDFSCluster cluster;
	private NameNode nn0;
	private NameNode nn1;
	private DistributedFileSystem fs;
	private HdfsAdmin dfsAdmin0;
	private HdfsAdmin dfsAdmin1;
	private FileSystemTestHelper fsHelper;
	private File testRootDir;

	private final String TEST_KEY = "test_key";
	protected static final EnumSet< CreateEncryptionZoneFlag > NO_TRASH =
	EnumSet.of(CreateEncryptionZoneFlag.NO_TRASH);

	@Before
	public void setupCluster() throws Exception {
	conf = new Configuration();
	conf.setInt(DFSConfigKeys.DFS_HA_TAILEDITS_PERIOD_KEY, 1);
	HAUtil.setAllowStandbyReads(conf, true);
	fsHelper = new FileSystemTestHelper();
	String testRoot = fsHelper.getTestRootDir();
	testRootDir = new File(testRoot).getAbsoluteFile();
	conf.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH,
	JavaKeyStoreProvider.SCHEME_NAME + "://file" +
	new Path(testRootDir.toString(), "test.jks").toUri()
	);

	cluster = new MiniDFSCluster.Builder(conf)
	.nnTopology(MiniDFSNNTopology.simpleHATopology())
	.numDataNodes(1)
	.build();
	cluster.waitActive();
	cluster.transitionToActive(0);

	fs = (DistributedFileSystem)HATestUtil.configureFailoverFs(cluster, conf);
	DFSTestUtil.createKey(TEST_KEY, cluster, 0, conf);
	DFSTestUtil.createKey(TEST_KEY, cluster, 1, conf);
	nn0 = cluster.getNameNode(0);
	nn1 = cluster.getNameNode(1);
	dfsAdmin0 = new HdfsAdmin(cluster.getURI(0), conf);
	dfsAdmin1 = new HdfsAdmin(cluster.getURI(1), conf);
	KeyProviderCryptoExtension nn0Provider =
	cluster.getNameNode(0).getNamesystem().getProvider();
	fs.getClient().setKeyProvider(nn0Provider);
	}

	@After
	public void shutdownCluster() throws IOException {
	if (cluster != null) {
	cluster.shutdown();
	cluster = null;
	}
	}

	/**
	* Test that encryption zones are properly tracked by the standby.
	*/
	@Test(timeout = 60000)
	public void testEncryptionZonesTrackedOnStandby() throws Exception {
	final int len = 8196;
	final Path dir = new Path("/enc");
	final Path dirChild = new Path(dir, "child");
	final Path dirFile = new Path(dir, "file");
	fs.mkdir(dir, FsPermission.getDirDefault());
	dfsAdmin0.createEncryptionZone(dir, TEST_KEY, NO_TRASH);
	fs.mkdir(dirChild, FsPermission.getDirDefault());
	DFSTestUtil.createFile(fs, dirFile, len, (short) 1, 0xFEED);
	String contents = DFSTestUtil.readFile(fs, dirFile);

	// Failover the current standby to active.
	HATestUtil.waitForStandbyToCatchUp(nn0, nn1);
	cluster.shutdownNameNode(0);
	cluster.transitionToActive(1);

	Assert.assertEquals("Got unexpected ez path", dir.toString(),
	dfsAdmin1.getEncryptionZoneForPath(dir).getPath().toString());
	Assert.assertEquals("Got unexpected ez path", dir.toString(),
	dfsAdmin1.getEncryptionZoneForPath(dirChild).getPath().toString());
	Assert.assertEquals("File contents after failover were changed",
	contents, DFSTestUtil.readFile(fs, dirFile));
	}

	}