You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by we...@apache.org on 2017/07/07 13:10:45 UTC
hadoop git commit: HADOOP-14563.
LoadBalancingKMSClientProvider#warmUpEncryptedKeys swallows IOException.
Contributed by Rushabh S Shah.
Repository: hadoop
Updated Branches:
refs/heads/trunk 82cb2a649 -> 8153fe2bd
HADOOP-14563. LoadBalancingKMSClientProvider#warmUpEncryptedKeys swallows IOException. Contributed by Rushabh S Shah.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/8153fe2b
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/8153fe2b
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/8153fe2b
Branch: refs/heads/trunk
Commit: 8153fe2bd35fb4df0b64f93ac0046e34d4807ac3
Parents: 82cb2a6
Author: Wei-Chiu Chuang <we...@apache.org>
Authored: Fri Jul 7 06:13:10 2017 -0700
Committer: Wei-Chiu Chuang <we...@apache.org>
Committed: Fri Jul 7 06:13:10 2017 -0700
----------------------------------------------------------------------
.../key/kms/LoadBalancingKMSClientProvider.java | 12 +++-
.../kms/TestLoadBalancingKMSClientProvider.java | 63 ++++++++++++++++++++
2 files changed, 74 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/8153fe2b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/LoadBalancingKMSClientProvider.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/LoadBalancingKMSClientProvider.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/LoadBalancingKMSClientProvider.java
index aa24993..de9c988 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/LoadBalancingKMSClientProvider.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/LoadBalancingKMSClientProvider.java
@@ -39,6 +39,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Preconditions;
/**
* A simple LoadBalancing KMSClientProvider that round-robins requests
@@ -159,15 +160,24 @@ public class LoadBalancingKMSClientProvider extends KeyProvider implements
// This request is sent to all providers in the load-balancing group
@Override
public void warmUpEncryptedKeys(String... keyNames) throws IOException {
+ Preconditions.checkArgument(providers.length > 0,
+ "No providers are configured");
+ boolean success = false;
+ IOException e = null;
for (KMSClientProvider provider : providers) {
try {
provider.warmUpEncryptedKeys(keyNames);
+ success = true;
} catch (IOException ioe) {
+ e = ioe;
LOG.error(
"Error warming up keys for provider with url"
- + "[" + provider.getKMSUrl() + "]");
+ + "[" + provider.getKMSUrl() + "]", ioe);
}
}
+ if (!success && e != null) {
+ throw e;
+ }
}
// This request is sent to all providers in the load-balancing group
http://git-wip-us.apache.org/repos/asf/hadoop/blob/8153fe2b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/kms/TestLoadBalancingKMSClientProvider.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/kms/TestLoadBalancingKMSClientProvider.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/kms/TestLoadBalancingKMSClientProvider.java
index 499b991..d14dd59 100644
--- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/kms/TestLoadBalancingKMSClientProvider.java
+++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/kms/TestLoadBalancingKMSClientProvider.java
@@ -34,6 +34,7 @@ import org.apache.hadoop.crypto.key.KeyProvider;
import org.apache.hadoop.crypto.key.KeyProvider.Options;
import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
+import org.apache.hadoop.security.authorize.AuthorizationException;
import org.junit.Test;
import org.mockito.Mockito;
@@ -257,4 +258,66 @@ public class TestLoadBalancingKMSClientProvider {
"AuthenticationException"));
}
}
+
+ /**
+ * tests {@link LoadBalancingKMSClientProvider#warmUpEncryptedKeys(String...)}
+ * error handling in case when all the providers throws {@link IOException}.
+ * @throws Exception
+ */
+ @Test
+ public void testWarmUpEncryptedKeysWhenAllProvidersFail() throws Exception {
+ Configuration conf = new Configuration();
+ KMSClientProvider p1 = mock(KMSClientProvider.class);
+ String keyName = "key1";
+ Mockito.doThrow(new IOException(new AuthorizationException("p1"))).when(p1)
+ .warmUpEncryptedKeys(Mockito.anyString());
+ KMSClientProvider p2 = mock(KMSClientProvider.class);
+ Mockito.doThrow(new IOException(new AuthorizationException("p2"))).when(p2)
+ .warmUpEncryptedKeys(Mockito.anyString());
+
+ when(p1.getKMSUrl()).thenReturn("p1");
+ when(p2.getKMSUrl()).thenReturn("p2");
+
+ LoadBalancingKMSClientProvider kp = new LoadBalancingKMSClientProvider(
+ new KMSClientProvider[] {p1, p2}, 0, conf);
+ try {
+ kp.warmUpEncryptedKeys(keyName);
+ fail("Should fail since both providers threw IOException");
+ } catch (Exception e) {
+ assertTrue(e.getCause() instanceof IOException);
+ }
+ Mockito.verify(p1, Mockito.times(1)).warmUpEncryptedKeys(keyName);
+ Mockito.verify(p2, Mockito.times(1)).warmUpEncryptedKeys(keyName);
+ }
+
+ /**
+ * tests {@link LoadBalancingKMSClientProvider#warmUpEncryptedKeys(String...)}
+ * error handling in case atleast one provider succeeds.
+ * @throws Exception
+ */
+ @Test
+ public void testWarmUpEncryptedKeysWhenOneProviderSucceeds()
+ throws Exception {
+ Configuration conf = new Configuration();
+ KMSClientProvider p1 = mock(KMSClientProvider.class);
+ String keyName = "key1";
+ Mockito.doThrow(new IOException(new AuthorizationException("p1"))).when(p1)
+ .warmUpEncryptedKeys(Mockito.anyString());
+ KMSClientProvider p2 = mock(KMSClientProvider.class);
+ Mockito.doNothing().when(p2)
+ .warmUpEncryptedKeys(Mockito.anyString());
+
+ when(p1.getKMSUrl()).thenReturn("p1");
+ when(p2.getKMSUrl()).thenReturn("p2");
+
+ LoadBalancingKMSClientProvider kp = new LoadBalancingKMSClientProvider(
+ new KMSClientProvider[] {p1, p2}, 0, conf);
+ try {
+ kp.warmUpEncryptedKeys(keyName);
+ } catch (Exception e) {
+ fail("Should not throw Exception since p2 doesn't throw Exception");
+ }
+ Mockito.verify(p1, Mockito.times(1)).warmUpEncryptedKeys(keyName);
+ Mockito.verify(p2, Mockito.times(1)).warmUpEncryptedKeys(keyName);
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org