You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by co...@apache.org on 2015/11/03 02:29:53 UTC

incubator-sentry git commit: SENTRY-902: SimpleDBProviderBackend should retry the authrization process properly (Yibing Shi via Colin Ma, Reviewed by Colin Ma, Sravya Tirukkovalur)

Repository: incubator-sentry
Updated Branches:
  refs/heads/master a1feebe2e -> cccebe099


SENTRY-902: SimpleDBProviderBackend should retry the authrization process properly (Yibing Shi via Colin Ma, Reviewed by Colin Ma, Sravya Tirukkovalur)


Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/cccebe09
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/cccebe09
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/cccebe09

Branch: refs/heads/master
Commit: cccebe099e2a7b54734aef4fc91cd212edde6a4d
Parents: a1feebe
Author: Colin Ma <co...@apache.org>
Authored: Tue Nov 3 09:02:40 2015 +0800
Committer: Colin Ma <co...@apache.org>
Committed: Tue Nov 3 09:02:40 2015 +0800

----------------------------------------------------------------------
 .../provider/db/SimpleDBProviderBackend.java    | 37 +++++++++++++-------
 .../sentry/service/thrift/ServiceConstants.java |  6 ++++
 2 files changed, 30 insertions(+), 13 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/cccebe09/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
index 191e099..ff25d95 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
@@ -26,6 +26,7 @@ import org.apache.sentry.provider.common.ProviderBackend;
 import org.apache.sentry.provider.common.ProviderBackendContext;
 import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
 import org.apache.sentry.service.thrift.SentryServiceClientFactory;
+import org.apache.sentry.service.thrift.ServiceConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -37,6 +38,8 @@ public class SimpleDBProviderBackend implements ProviderBackend {
       .getLogger(SimpleDBProviderBackend.class);
 
   private Configuration conf;
+  private int retryCount;
+  private int retryIntervalSec;
 
   public SimpleDBProviderBackend(Configuration conf, String resourcePath) throws Exception {
     // DB Provider doesn't use policy file path
@@ -45,6 +48,8 @@ public class SimpleDBProviderBackend implements ProviderBackend {
 
   public SimpleDBProviderBackend(Configuration conf) throws Exception {
     this.conf = conf;
+    this.retryCount = conf.getInt(ServiceConstants.ClientConfig.RETRY_COUNT_CONF, ServiceConstants.ClientConfig.RETRY_COUNT_DEFAULT);
+    this.retryIntervalSec = conf.getInt(ServiceConstants.ClientConfig.RETRY_INTERVAL_SEC_CONF, ServiceConstants.ClientConfig.RETRY_INTERVAL_SEC_DEFAULT);
   }
   /**
    * {@inheritDoc}
@@ -59,33 +64,39 @@ public class SimpleDBProviderBackend implements ProviderBackend {
    */
   @Override
   public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) {
-    return getPrivileges(1, groups, roleSet, authorizableHierarchy);
+    return getPrivileges(retryCount, groups, roleSet, authorizableHierarchy);
   }
 
   private ImmutableSet<String> getPrivileges(int retryCount, Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) {
-    SentryPolicyServiceClient policyServiceClient = null;
-    try {
-      policyServiceClient = SentryServiceClientFactory.create(conf);
-    } catch (Exception e) {
-      LOGGER.error("Error connecting to Sentry ['{}'] !!",
-          e.getMessage());
-    }
-    if(policyServiceClient!= null) {
+    int retries = Math.max(retryCount + 1, 1); // if customer configs retryCount as Integer.MAX_VALUE, try only once
+    while (retries > 0) {
+      retries--;
+      SentryPolicyServiceClient policyServiceClient = null;
       try {
+        policyServiceClient = SentryServiceClientFactory.create(conf);
         return ImmutableSet.copyOf(policyServiceClient.listPrivilegesForProvider(groups, roleSet, authorizableHierarchy));
       } catch (Exception e) {
-        if (retryCount > 0) {
-          return getPrivileges(retryCount - 1, groups, roleSet, authorizableHierarchy);
+        //TODO: differentiate transient errors and permanent errors
+        String msg = "Unable to obtain privileges from server: " + e.getMessage() + ".";
+        if (retries > 0) {
+          LOGGER.warn(msg +  " Will retry for " + retries + " time(s)");
         } else {
-          String msg = "Unable to obtain privileges from server: " + e.getMessage();
           LOGGER.error(msg, e);
         }
+        if (retries > 0) {
+          try {
+            Thread.sleep(retryIntervalSec * 1000);
+          } catch (InterruptedException e1) {
+            LOGGER.info("Sleeping is interrupted.", e1);
+          }
+        }
       } finally {
         if(policyServiceClient != null) {
           policyServiceClient.close();
         }
       }
     }
+
     return ImmutableSet.of();
   }
 
@@ -101,7 +112,7 @@ public class SimpleDBProviderBackend implements ProviderBackend {
   public void close() {
     //Noop
   }
-  
+
   /**
    * SimpleDBProviderBackend does not implement validatePolicy()
    */

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/cccebe09/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
index d8afbae..5847cb5 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
@@ -207,6 +207,12 @@ public class ServiceConstants {
     // max message size for thrift messages
     public static String SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.client.thrift.max.message.size";
     public static long SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024;
+
+    // client retry settings
+    public static final String RETRY_COUNT_CONF = "sentry.provider.backend.db.retry.count";
+    public static final int RETRY_COUNT_DEFAULT = 3;
+    public static final String RETRY_INTERVAL_SEC_CONF = "sentry.provider.backend.db.retry.interval.seconds";
+    public static final int RETRY_INTERVAL_SEC_DEFAULT = 30;
   }
 
   /**