You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ignite.apache.org by "timoninmaxim (via GitHub)" <gi...@apache.org> on 2023/05/19 11:21:13 UTC
[GitHub] [ignite] timoninmaxim commented on a diff in pull request #10701: IGNITE-19410 Fixed node crash due to SecurityContext not being found during discovery message processing.
timoninmaxim commented on code in PR #10701:
URL: https://github.com/apache/ignite/pull/10701#discussion_r1198795408
##########
modules/core/src/main/java/org/apache/ignite/internal/managers/discovery/GridDiscoveryManager.java:
##########
@@ -2678,6 +2678,13 @@ public ClusterNode historicalNode(UUID nodeId) {
return node;
}
+ for (Collection<ClusterNode> top : topHist.values()) {
Review Comment:
In this method we check some topologies twice - first time in discoCacheHist, and second in topHist. Checking topHist has O(n) complexity. It looks like it's possible to reduce amount of operations by filtering by topology version.
##########
modules/core/src/test/java/org/apache/ignite/internal/processors/security/NodeSecurityContextPropagationTest.java:
##########
@@ -0,0 +1,556 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ignite.internal.processors.security;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.UUID;
+import java.util.concurrent.BlockingDeque;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import org.apache.commons.lang3.reflect.FieldUtils;
+import org.apache.ignite.IgniteCheckedException;
+import org.apache.ignite.configuration.DataRegionConfiguration;
+import org.apache.ignite.configuration.DataStorageConfiguration;
+import org.apache.ignite.configuration.IgniteConfiguration;
+import org.apache.ignite.failure.StopNodeOrHaltFailureHandler;
+import org.apache.ignite.internal.IgniteEx;
+import org.apache.ignite.internal.events.DiscoveryCustomEvent;
+import org.apache.ignite.internal.managers.discovery.CustomMessageWrapper;
+import org.apache.ignite.internal.managers.discovery.DiscoCache;
+import org.apache.ignite.internal.managers.discovery.DiscoveryCustomMessage;
+import org.apache.ignite.internal.managers.discovery.GridDiscoveryManager;
+import org.apache.ignite.internal.managers.discovery.SecurityAwareCustomMessageWrapper;
+import org.apache.ignite.internal.processors.affinity.AffinityTopologyVersion;
+import org.apache.ignite.internal.util.typedef.F;
+import org.apache.ignite.internal.util.typedef.internal.U;
+import org.apache.ignite.lang.IgniteUuid;
+import org.apache.ignite.spi.discovery.DiscoverySpi;
+import org.apache.ignite.spi.discovery.DiscoverySpiCustomMessage;
+import org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi;
+import org.apache.ignite.spi.discovery.tcp.ipfinder.vm.TcpDiscoveryVmIpFinder;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryAbstractMessage;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryCustomEventMessage;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryNodeAddedMessage;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryNodeLeftMessage;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
+import org.junit.Test;
+
+import static org.apache.ignite.events.EventType.EVT_NODE_LEFT;
+import static org.apache.ignite.internal.IgniteNodeAttributes.ATTR_IGNITE_INSTANCE_NAME;
+import static org.apache.ignite.internal.events.DiscoveryCustomEvent.EVT_DISCOVERY_CUSTOM_EVT;
+import static org.apache.ignite.testframework.GridTestUtils.runAsync;
+import static org.apache.ignite.testframework.GridTestUtils.waitForCondition;
+
+/** */
+public class NodeSecurityContextPropagationTest extends AbstractSecurityTest {
+ /** */
+ private static final Collection<UUID> TEST_MESSAGE_ACCEPTED_NODES = new HashSet<>();
+
+ /** {@inheritDoc} */
+ @Override protected IgniteConfiguration getConfiguration(String igniteInstanceName) throws Exception {
+ return getConfiguration(igniteInstanceName, false);
+ }
+
+ /** */
+ private IgniteConfiguration getConfiguration(String igniteInstanceName, boolean isClient) throws Exception {
+ IgniteConfiguration cfg = super.getConfiguration(igniteInstanceName)
+ .setFailureHandler(new StopNodeOrHaltFailureHandler())
+ .setDataStorageConfiguration(new DataStorageConfiguration())
+ .setClientMode(isClient)
+ .setLocalEventListeners(
+ Collections.singletonMap(e -> {
+ DiscoveryCustomEvent discoEvt = (DiscoveryCustomEvent)e;
+
+ if (discoEvt.customMessage() instanceof TestDiscoveryAcknowledgeMessage)
+ TEST_MESSAGE_ACCEPTED_NODES.add(discoEvt.node().id());
+
+ return true;
+ }, new int[] {EVT_DISCOVERY_CUSTOM_EVT})
+ )
+ .setDataStorageConfiguration(new DataStorageConfiguration()
+ .setDefaultDataRegionConfiguration(new DataRegionConfiguration()
+ .setPersistenceEnabled(true)
+ .setMaxSize(100L * 1024 * 1024)))
+ .setAuthenticationEnabled(true);
+
+ ((TcpDiscoverySpi)cfg.getDiscoverySpi())
+ .setIpFinder(new TcpDiscoveryVmIpFinder()
+ .setAddresses(Collections.singleton("127.0.0.1:47500")));
+
+ return cfg;
+ }
+
+ /** {@inheritDoc} */
+ @Override protected void beforeTest() throws Exception {
+ super.beforeTest();
+
+ cleanPersistenceDir();
+ }
+
+ /** {@inheritDoc} */
+ @Override protected IgniteEx startGrid(int idx) throws Exception {
+ IgniteEx ignite = super.startGrid(idx);
+
+ wrapRingMessageWorkerQueue(ignite);
+
+ return ignite;
+ }
+
+ /** */
+ @Test
+ public void test() throws Exception {
+ IgniteEx crd = startGrid(0);
+
+ IgniteEx cli = startClientNode(11);
+
+ IgniteEx srv = startGrid(1);
+
+ CountDownLatch cliLefEvtProcessedByCoordinator = new CountDownLatch(1);
+
+ crd.events().localListen(
+ evt -> {
+ cliLefEvtProcessedByCoordinator.countDown();
+
+ return true;
+ },
+ EVT_NODE_LEFT
+ );
+
+ discoveryMessageQueue(srv).block();
+
+ long pollingTimeout = U.field(discoveryMessageWorker(srv), "pollingTimeout");
+
+ // We need to wait for any active BlockingDeque#poll operation to complete.
+ U.sleep(5 * pollingTimeout);
+
+ cli.context().discovery().sendCustomEvent(new TestDiscoveryMessage());
+
+ waitForCondition(() -> !getReceivedMessages(srv, TestDiscoveryMessage.class).isEmpty(), getTestTimeout());
+
+ runAsync(() -> stopGrid(11));
+
+ cliLefEvtProcessedByCoordinator.await();
+
+ waitForCondition(() -> !getReceivedMessages(srv, TcpDiscoveryNodeLeftMessage.class).isEmpty(), getTestTimeout());
+
+ runAsync(() -> startGrid(2));
+
+ waitForCondition(() -> isNodeAddedMessageReceived(srv, 2), getTestTimeout());
+
+ runAsync(() -> startGrid(3));
+
+ waitForCondition(() -> isNodeAddedMessageReceived(srv, 3), getTestTimeout());
+
+ discoveryMessageQueue(srv).unblock();
+
+ waitForCondition(
+ () -> grid(0).cluster().nodes().size() == 4
+ && TEST_MESSAGE_ACCEPTED_NODES.contains(grid(2).cluster().localNode().id()),
+ getTestTimeout());
+ }
+
+ /** */
+ private IgniteEx startClientNode(int idx) throws Exception {
Review Comment:
There is already `startClientGrid`, let's use it instead. It also simplifies configuration - no need to override `getIgniteConfiguration(String, boolean)`
##########
modules/core/src/test/java/org/apache/ignite/internal/processors/security/NodeSecurityContextPropagationTest.java:
##########
@@ -0,0 +1,556 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ignite.internal.processors.security;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.UUID;
+import java.util.concurrent.BlockingDeque;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import org.apache.commons.lang3.reflect.FieldUtils;
+import org.apache.ignite.IgniteCheckedException;
+import org.apache.ignite.configuration.DataRegionConfiguration;
+import org.apache.ignite.configuration.DataStorageConfiguration;
+import org.apache.ignite.configuration.IgniteConfiguration;
+import org.apache.ignite.failure.StopNodeOrHaltFailureHandler;
+import org.apache.ignite.internal.IgniteEx;
+import org.apache.ignite.internal.events.DiscoveryCustomEvent;
+import org.apache.ignite.internal.managers.discovery.CustomMessageWrapper;
+import org.apache.ignite.internal.managers.discovery.DiscoCache;
+import org.apache.ignite.internal.managers.discovery.DiscoveryCustomMessage;
+import org.apache.ignite.internal.managers.discovery.GridDiscoveryManager;
+import org.apache.ignite.internal.managers.discovery.SecurityAwareCustomMessageWrapper;
+import org.apache.ignite.internal.processors.affinity.AffinityTopologyVersion;
+import org.apache.ignite.internal.util.typedef.F;
+import org.apache.ignite.internal.util.typedef.internal.U;
+import org.apache.ignite.lang.IgniteUuid;
+import org.apache.ignite.spi.discovery.DiscoverySpi;
+import org.apache.ignite.spi.discovery.DiscoverySpiCustomMessage;
+import org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi;
+import org.apache.ignite.spi.discovery.tcp.ipfinder.vm.TcpDiscoveryVmIpFinder;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryAbstractMessage;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryCustomEventMessage;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryNodeAddedMessage;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryNodeLeftMessage;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
+import org.junit.Test;
+
+import static org.apache.ignite.events.EventType.EVT_NODE_LEFT;
+import static org.apache.ignite.internal.IgniteNodeAttributes.ATTR_IGNITE_INSTANCE_NAME;
+import static org.apache.ignite.internal.events.DiscoveryCustomEvent.EVT_DISCOVERY_CUSTOM_EVT;
+import static org.apache.ignite.testframework.GridTestUtils.runAsync;
+import static org.apache.ignite.testframework.GridTestUtils.waitForCondition;
+
+/** */
+public class NodeSecurityContextPropagationTest extends AbstractSecurityTest {
+ /** */
+ private static final Collection<UUID> TEST_MESSAGE_ACCEPTED_NODES = new HashSet<>();
+
+ /** {@inheritDoc} */
+ @Override protected IgniteConfiguration getConfiguration(String igniteInstanceName) throws Exception {
+ return getConfiguration(igniteInstanceName, false);
+ }
+
+ /** */
+ private IgniteConfiguration getConfiguration(String igniteInstanceName, boolean isClient) throws Exception {
+ IgniteConfiguration cfg = super.getConfiguration(igniteInstanceName)
+ .setFailureHandler(new StopNodeOrHaltFailureHandler())
+ .setDataStorageConfiguration(new DataStorageConfiguration())
+ .setClientMode(isClient)
+ .setLocalEventListeners(
+ Collections.singletonMap(e -> {
+ DiscoveryCustomEvent discoEvt = (DiscoveryCustomEvent)e;
+
+ if (discoEvt.customMessage() instanceof TestDiscoveryAcknowledgeMessage)
+ TEST_MESSAGE_ACCEPTED_NODES.add(discoEvt.node().id());
+
+ return true;
+ }, new int[] {EVT_DISCOVERY_CUSTOM_EVT})
+ )
+ .setDataStorageConfiguration(new DataStorageConfiguration()
+ .setDefaultDataRegionConfiguration(new DataRegionConfiguration()
+ .setPersistenceEnabled(true)
+ .setMaxSize(100L * 1024 * 1024)))
+ .setAuthenticationEnabled(true);
+
+ ((TcpDiscoverySpi)cfg.getDiscoverySpi())
+ .setIpFinder(new TcpDiscoveryVmIpFinder()
+ .setAddresses(Collections.singleton("127.0.0.1:47500")));
+
+ return cfg;
+ }
+
+ /** {@inheritDoc} */
+ @Override protected void beforeTest() throws Exception {
+ super.beforeTest();
+
+ cleanPersistenceDir();
+ }
+
+ /** {@inheritDoc} */
+ @Override protected IgniteEx startGrid(int idx) throws Exception {
+ IgniteEx ignite = super.startGrid(idx);
+
+ wrapRingMessageWorkerQueue(ignite);
+
+ return ignite;
+ }
+
+ /** */
+ @Test
+ public void test() throws Exception {
+ IgniteEx crd = startGrid(0);
+
+ IgniteEx cli = startClientNode(11);
+
+ IgniteEx srv = startGrid(1);
+
+ CountDownLatch cliLefEvtProcessedByCoordinator = new CountDownLatch(1);
+
+ crd.events().localListen(
+ evt -> {
+ cliLefEvtProcessedByCoordinator.countDown();
+
+ return true;
+ },
+ EVT_NODE_LEFT
+ );
+
+ discoveryMessageQueue(srv).block();
+
+ long pollingTimeout = U.field(discoveryMessageWorker(srv), "pollingTimeout");
+
+ // We need to wait for any active BlockingDeque#poll operation to complete.
+ U.sleep(5 * pollingTimeout);
+
+ cli.context().discovery().sendCustomEvent(new TestDiscoveryMessage());
+
+ waitForCondition(() -> !getReceivedMessages(srv, TestDiscoveryMessage.class).isEmpty(), getTestTimeout());
+
+ runAsync(() -> stopGrid(11));
+
+ cliLefEvtProcessedByCoordinator.await();
+
+ waitForCondition(() -> !getReceivedMessages(srv, TcpDiscoveryNodeLeftMessage.class).isEmpty(), getTestTimeout());
+
+ runAsync(() -> startGrid(2));
+
+ waitForCondition(() -> isNodeAddedMessageReceived(srv, 2), getTestTimeout());
+
+ runAsync(() -> startGrid(3));
+
+ waitForCondition(() -> isNodeAddedMessageReceived(srv, 3), getTestTimeout());
+
+ discoveryMessageQueue(srv).unblock();
+
+ waitForCondition(
+ () -> grid(0).cluster().nodes().size() == 4
+ && TEST_MESSAGE_ACCEPTED_NODES.contains(grid(2).cluster().localNode().id()),
+ getTestTimeout());
+ }
+
+ /** */
+ private IgniteEx startClientNode(int idx) throws Exception {
+ return startGrid(getConfiguration(getTestIgniteInstanceName(idx), true));
+ }
+
+ /** */
+ private boolean isNodeAddedMessageReceived(IgniteEx ignite, int nodeIdx) {
Review Comment:
Can we replace this method with `getReceivedMessages(IgniteEx, Predicate<Message>)`?
##########
modules/core/src/test/java/org/apache/ignite/internal/processors/security/NodeSecurityContextPropagationTest.java:
##########
@@ -0,0 +1,556 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ignite.internal.processors.security;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.UUID;
+import java.util.concurrent.BlockingDeque;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import org.apache.commons.lang3.reflect.FieldUtils;
+import org.apache.ignite.IgniteCheckedException;
+import org.apache.ignite.configuration.DataRegionConfiguration;
+import org.apache.ignite.configuration.DataStorageConfiguration;
+import org.apache.ignite.configuration.IgniteConfiguration;
+import org.apache.ignite.failure.StopNodeOrHaltFailureHandler;
+import org.apache.ignite.internal.IgniteEx;
+import org.apache.ignite.internal.events.DiscoveryCustomEvent;
+import org.apache.ignite.internal.managers.discovery.CustomMessageWrapper;
+import org.apache.ignite.internal.managers.discovery.DiscoCache;
+import org.apache.ignite.internal.managers.discovery.DiscoveryCustomMessage;
+import org.apache.ignite.internal.managers.discovery.GridDiscoveryManager;
+import org.apache.ignite.internal.managers.discovery.SecurityAwareCustomMessageWrapper;
+import org.apache.ignite.internal.processors.affinity.AffinityTopologyVersion;
+import org.apache.ignite.internal.util.typedef.F;
+import org.apache.ignite.internal.util.typedef.internal.U;
+import org.apache.ignite.lang.IgniteUuid;
+import org.apache.ignite.spi.discovery.DiscoverySpi;
+import org.apache.ignite.spi.discovery.DiscoverySpiCustomMessage;
+import org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi;
+import org.apache.ignite.spi.discovery.tcp.ipfinder.vm.TcpDiscoveryVmIpFinder;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryAbstractMessage;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryCustomEventMessage;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryNodeAddedMessage;
+import org.apache.ignite.spi.discovery.tcp.messages.TcpDiscoveryNodeLeftMessage;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
+import org.junit.Test;
+
+import static org.apache.ignite.events.EventType.EVT_NODE_LEFT;
+import static org.apache.ignite.internal.IgniteNodeAttributes.ATTR_IGNITE_INSTANCE_NAME;
+import static org.apache.ignite.internal.events.DiscoveryCustomEvent.EVT_DISCOVERY_CUSTOM_EVT;
+import static org.apache.ignite.testframework.GridTestUtils.runAsync;
+import static org.apache.ignite.testframework.GridTestUtils.waitForCondition;
+
+/** */
+public class NodeSecurityContextPropagationTest extends AbstractSecurityTest {
+ /** */
+ private static final Collection<UUID> TEST_MESSAGE_ACCEPTED_NODES = new HashSet<>();
+
+ /** {@inheritDoc} */
+ @Override protected IgniteConfiguration getConfiguration(String igniteInstanceName) throws Exception {
+ return getConfiguration(igniteInstanceName, false);
+ }
+
+ /** */
+ private IgniteConfiguration getConfiguration(String igniteInstanceName, boolean isClient) throws Exception {
+ IgniteConfiguration cfg = super.getConfiguration(igniteInstanceName)
+ .setFailureHandler(new StopNodeOrHaltFailureHandler())
+ .setDataStorageConfiguration(new DataStorageConfiguration())
Review Comment:
You invoke `setDataStorageConfiguration` twice
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@ignite.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org