You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ozone.apache.org by xy...@apache.org on 2021/05/12 16:44:59 UTC
[ozone] branch master updated (7262004 -> 842e6f6)
This is an automated email from the ASF dual-hosted git repository.
xyao pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git.
from 7262004 HDDS-5089. On-demand disk checker for hdds volume (#2158)
add 842e6f6 HDDS-4729. Add token support for container admin operations (#2186)
No new revisions were added by this update.
Summary of changes:
.github/workflows/post-commit.yml | 2 +-
.../org/apache/hadoop/hdds/HddsConfigKeys.java | 3 +
.../java/org/apache/hadoop/hdds/HddsUtils.java | 15 ++
.../protocol/StorageContainerLocationProtocol.java | 8 +
.../security/token/ContainerTokenIdentifier.java | 103 ++++++++
.../security/token/OzoneBlockTokenIdentifier.java | 146 +++++------
.../security/token/ShortLivedTokenIdentifier.java | 112 ++++++++
.../hadoop/hdds/security/x509/SecurityConfig.java | 16 ++
.../common/src/main/resources/ozone-default.xml | 6 +
.../ozone/container/ContainerTestHelper.java | 45 +---
.../container/common/impl/HddsDispatcher.java | 25 +-
.../ozone/container/ozoneimpl/OzoneContainer.java | 6 +-
hadoop-hdds/framework/pom.xml | 6 +
.../hadoop/hdds/scm}/protocolPB/OzonePBHelper.java | 46 ++--
...inerLocationProtocolClientSideTranslatorPB.java | 19 ++
.../hadoop/hdds}/security/OzoneSecretKey.java | 4 +-
.../hadoop/hdds}/security/OzoneSecretManager.java | 2 +-
.../hdds}/security/OzoneSecurityException.java | 2 +-
.../apache/hadoop/hdds/security}/package-info.java | 6 +-
.../hdds/security/token/BlockTokenVerifier.java | 149 +++--------
.../security/token/CompositeTokenVerifier.java} | 42 ++-
.../token/ContainerTokenSecretManager.java} | 35 +--
.../security/token/ContainerTokenVerifier.java | 51 ++++
.../hdds/security/token/NoopTokenVerifier.java | 25 +-
.../token/ShortLivedTokenSecretManager.java | 107 ++++++++
.../security/token/ShortLivedTokenVerifier.java | 134 ++++++++++
.../hadoop/hdds/security/token/TokenVerifier.java | 63 ++++-
.../x509/certificate/client/CertificateClient.java | 15 +-
.../security/token/TestBlockTokenVerifier.java | 75 ++++++
.../security/token/TestContainerTokenVerifier.java | 75 ++++++
.../token/TestOzoneBlockTokenIdentifier.java | 2 +-
.../hdds/security/token/TokenVerifierTests.java | 242 +++++++++++++++++
.../src/main/proto/ScmAdminProtocol.proto | 18 ++
.../interface-client/src/main/proto/hdds.proto | 16 ++
...inerLocationProtocolServerSideTranslatorPB.java | 22 ++
.../hdds/scm/server/SCMClientProtocolServer.java | 26 +-
.../hdds/scm/server/StorageContainerManager.java | 77 +++++-
.../hdds/scm/cli/ContainerOperationClient.java | 30 ++-
hadoop-ozone/dist/src/main/compose/ozone/test.sh | 1 +
.../src/main/compose/ozonesecure-ha/docker-config | 1 +
.../src/main/compose/ozonesecure-mr/docker-config | 1 +
.../src/main/compose/ozonesecure/docker-config | 1 +
.../src/main/smoketest/admincli/container.robot | 8 +
.../src/main/smoketest/admincli/pipeline.robot | 1 +
.../smoketest/admincli/replicationmanager.robot | 1 +
.../dist/src/main/smoketest/commonlib.robot | 11 +
.../org/apache/hadoop/ozone/RatisTestHelper.java | 33 +++
.../ozone/client/rpc/Test2WayCommitInRatis.java | 3 +-
.../TestContainerStateMachineFailureOnRead.java | 6 +-
.../client/rpc/TestDeleteWithSlowFollower.java | 10 +-
.../ozone/client/rpc/TestSecureOzoneRpcClient.java | 12 -
.../ozone/client/rpc/TestWatchForCommit.java | 3 +-
.../ozoneimpl/TestOzoneContainerWithTLS.java | 11 +-
.../ozoneimpl/TestSecureOzoneContainer.java | 151 +++++------
.../server/TestSecureContainerServer.java | 183 +++++++------
.../org/apache/hadoop/ozone/om/KeyManagerImpl.java | 8 +-
.../org/apache/hadoop/ozone/om/OzoneManager.java | 31 +--
.../hadoop/ozone/om/S3SecretManagerImpl.java | 4 +-
.../hadoop/ozone/om/request/key/OMKeyRequest.java | 9 +-
.../security/OzoneBlockTokenSecretManager.java | 86 ++-----
.../OzoneDelegationTokenSecretManager.java | 1 +
.../security/TestOzoneBlockTokenSecretManager.java | 285 ++++++++++++---------
62 files changed, 1862 insertions(+), 775 deletions(-)
create mode 100644 hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/token/ContainerTokenIdentifier.java
create mode 100644 hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/token/ShortLivedTokenIdentifier.java
rename hadoop-hdds/{container-service => common}/src/test/java/org/apache/hadoop/ozone/container/ContainerTestHelper.java (92%)
copy {hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone => hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/scm}/protocolPB/OzonePBHelper.java (63%)
rename {hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone => hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds}/security/OzoneSecretKey.java (97%)
rename {hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone => hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds}/security/OzoneSecretManager.java (99%)
rename {hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone => hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds}/security/OzoneSecurityException.java (98%)
copy {hadoop-ozone/tools/src/main/java/org/apache/hadoop/ozone/admin/scm => hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security}/package-info.java (90%)
copy hadoop-hdds/{container-service/src/main/java/org/apache/hadoop/ozone/container/common/volume/ImmutableVolumeSet.java => framework/src/main/java/org/apache/hadoop/hdds/security/token/CompositeTokenVerifier.java} (52%)
copy hadoop-hdds/{common/src/main/java/org/apache/hadoop/hdds/fs/SpaceUsageSource.java => framework/src/main/java/org/apache/hadoop/hdds/security/token/ContainerTokenSecretManager.java} (52%)
create mode 100644 hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/token/ContainerTokenVerifier.java
copy hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/exceptions/OMLeaderNotReadyException.java => hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/token/NoopTokenVerifier.java (59%)
create mode 100644 hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/token/ShortLivedTokenSecretManager.java
create mode 100644 hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/token/ShortLivedTokenVerifier.java
create mode 100644 hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestBlockTokenVerifier.java
create mode 100644 hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestContainerTokenVerifier.java
create mode 100644 hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TokenVerifierTests.java
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@ozone.apache.org
For additional commands, e-mail: commits-help@ozone.apache.org