@Override public void nodeCreated(String path) { if (path.equals(labelZnode) || path.equals(userAuthsZnode)) { try { ZKUtil.watchAndCheckExists(watcher, path); } catch (KeeperException ke) { LOG.error("Error setting watcher on node " + path, ke); // only option is to abort watcher.abort("ZooKeeper error obtaining label node children", ke); } } }
@Override public void run() { try { List<ZKUtil.NodeAndData> nodes = ZKUtil.getChildDataAndWatchForNewChildren(watcher, aclZNode); refreshNodes(nodes); } catch (KeeperException ke) { LOG.error("Error reading data from zookeeper", ke); // only option is to abort watcher.abort("ZooKeeper error obtaining acl node children", ke); } } });
/** * Write a labels mirror or user auths mirror into zookeeper * * @param data * @param labelsOrUserAuths true for writing labels and false for user auths. */ public void writeToZookeeper(byte[] data, boolean labelsOrUserAuths) { String znode = this.labelZnode; if (!labelsOrUserAuths) { znode = this.userAuthsZnode; } try { ZKUtil.updateExistingNodeData(watcher, znode, data, -1); } catch (KeeperException e) { LOG.error("Failed writing to " + znode, e); watcher.abort("Failed writing node " + znode + " to zookeeper", e); } } }
@Override public void nodeCreated(String path) { if (path.equals(keysParentZNode)) { try { List<ZKUtil.NodeAndData> nodes = ZKUtil.getChildDataAndWatchForNewChildren(watcher, keysParentZNode); refreshNodes(nodes); } catch (KeeperException ke) { LOG.error(HBaseMarkers.FATAL, "Error reading data from zookeeper", ke); watcher.abort("Error reading new key znode "+path, ke); } } }
@Override public void nodeChildrenChanged(String path) { if (path.equals(keysParentZNode)) { // keys changed try { List<ZKUtil.NodeAndData> nodes = ZKUtil.getChildDataAndWatchForNewChildren(watcher, keysParentZNode); refreshNodes(nodes); } catch (KeeperException ke) { LOG.error(HBaseMarkers.FATAL, "Error reading data from zookeeper", ke); watcher.abort("Error reading changed keys from zookeeper", ke); } } }
@Override public void run() { // update cache on an existing table node String entry = ZKUtil.getNodeName(path); try { byte[] data = ZKUtil.getDataAndWatch(watcher, path); refreshAuthManager(entry, data); } catch (KeeperException ke) { LOG.error("Error reading data from zookeeper for node " + entry, ke); // only option is to abort watcher.abort("ZooKeeper error getting data for node " + entry, ke); } catch (IOException ioe) { LOG.error("Error reading permissions writables", ioe); } } });
/** * refresh keys */ synchronized void refreshKeys() { try { List<ZKUtil.NodeAndData> nodes = ZKUtil.getChildDataAndWatchForNewChildren(watcher, keysParentZNode); refreshNodes(nodes); } catch (KeeperException ke) { LOG.error(HBaseMarkers.FATAL, "Error reading data from zookeeper", ke); watcher.abort("Error reading changed keys from zookeeper", ke); } }
private void handleLeaderChange() { try { synchronized(lock) { if (ZKUtil.watchAndCheckExists(watcher, leaderZNode)) { LOG.info("Found new leader for znode: "+leaderZNode); leaderExists.set(true); } else { LOG.info("Leader change, but no new leader found"); leaderExists.set(false); lock.notifyAll(); } } } catch (KeeperException ke) { watcher.abort("ZooKeeper error checking for leader znode", ke); candidate.stop("ZooKeeper error checking for leader: "+ke.getMessage()); } }
@Override public void nodeDataChanged(String path) { if (keysParentZNode.equals(ZKUtil.getParent(path))) { try { byte[] data = ZKUtil.getDataAndWatch(watcher, path); if (data == null || data.length == 0) { LOG.debug("Ignoring empty node "+path); return; } AuthenticationKey key = (AuthenticationKey)Writables.getWritable(data, new AuthenticationKey()); secretManager.addKey(key); } catch (KeeperException ke) { LOG.error(HBaseMarkers.FATAL, "Error reading data from zookeeper", ke); watcher.abort("Error reading updated key znode "+path, ke); } catch (IOException ioe) { LOG.error(HBaseMarkers.FATAL, "Error reading key writables", ioe); watcher.abort("Error reading key writables from znode "+path, ioe); } } }
@Override public void nodeDataChanged(String path) { if (path.equals(labelZnode) || path.equals(userAuthsZnode)) { try { watcher.sync(path); byte[] data = ZKUtil.getDataAndWatch(watcher, path); if (path.equals(labelZnode)) { refreshVisibilityLabelsCache(data); } else { refreshUserAuthsCache(data); } } catch (KeeperException ke) { LOG.error("Error reading data from zookeeper for node " + path, ke); // only option is to abort watcher.abort("ZooKeeper error getting data for node " + path, ke); } } }
/** * Removes the leader znode, if it is currently claimed by this instance. */ public void stepDownAsLeader() { try { synchronized(lock) { if (!leaderExists.get()) { return; } byte[] leaderId = ZKUtil.getData(watcher, leaderZNode); if (leaderId != null && Bytes.equals(nodeId, leaderId)) { LOG.info("Stepping down as leader"); ZKUtil.deleteNodeFailSilent(watcher, leaderZNode); leaderExists.set(false); } else { LOG.info("Not current leader, no need to step down"); } } } catch (KeeperException ke) { watcher.abort("Unhandled zookeeper exception removing leader node", ke); candidate.stop("Unhandled zookeeper exception removing leader node: " + ke.getMessage()); } catch (InterruptedException e) { watcher.abort("Unhandled zookeeper exception removing leader node", e); candidate.stop("Unhandled zookeeper exception removing leader node: " + e.getMessage()); } }
/*** * Delete the acl notify node of namespace */ public void deleteNamespaceACLNode(final String namespace) { String zkNode = ZNodePaths.joinZNode(watcher.getZNodePaths().baseZNode, ACL_NODE); zkNode = ZNodePaths.joinZNode(zkNode, AccessControlLists.NAMESPACE_PREFIX + namespace); try { ZKUtil.deleteNode(watcher, zkNode); } catch (KeeperException.NoNodeException e) { LOG.warn("No acl notify node of namespace '" + namespace + "'"); } catch (KeeperException e) { LOG.error("Failed deleting acl node of namespace '" + namespace + "'", e); watcher.abort("Failed deleting node " + zkNode, e); } } }
/** * Releases the resources for the given AuthManager if the reference count is down to 0. * @param instance AuthManager to be released */ public synchronized static void release(AuthManager instance) { if (refCount.get(instance) == null || refCount.get(instance) < 1) { String msg = "Something wrong with the AuthManager reference counting: " + instance + " whose count is " + refCount.get(instance); LOG.error(HBaseMarkers.FATAL, msg); instance.close(); managerMap.remove(instance.getZKPermissionWatcher().getWatcher()); instance.getZKPermissionWatcher().getWatcher().abort(msg, null); } else { int ref = refCount.get(instance); --ref; refCount.put(instance, ref); if (ref == 0) { instance.close(); managerMap.remove(instance.getZKPermissionWatcher().getWatcher()); refCount.remove(instance); } } } }
/*** * Delete the acl notify node of table * @param tableName */ public void deleteTableACLNode(final TableName tableName) { String zkNode = ZNodePaths.joinZNode(watcher.getZNodePaths().baseZNode, ACL_NODE); zkNode = ZNodePaths.joinZNode(zkNode, tableName.getNameAsString()); try { ZKUtil.deleteNode(watcher, zkNode); } catch (KeeperException.NoNodeException e) { LOG.warn("No acl notify node of table '" + tableName + "'"); } catch (KeeperException e) { LOG.error("Failed deleting acl node of table '" + tableName + "'", e); watcher.abort("Failed deleting node " + zkNode, e); } }
public void addKeyToZK(AuthenticationKey key) { String keyZNode = getKeyNode(key.getKeyId()); try { byte[] keyData = Writables.getBytes(key); // TODO: is there any point in retrying beyond what ZK client does? ZKUtil.createSetData(watcher, keyZNode, keyData); } catch (KeeperException ke) { LOG.error(HBaseMarkers.FATAL, "Unable to synchronize master key "+key.getKeyId()+ " to znode "+keyZNode, ke); watcher.abort("Unable to synchronize secret key "+ key.getKeyId()+" in zookeeper", ke); } catch (IOException ioe) { // this can only happen from an error serializing the key watcher.abort("Failed serializing key "+key.getKeyId(), ioe); } }
public void removeKeyFromZK(AuthenticationKey key) { String keyZNode = getKeyNode(key.getKeyId()); try { ZKUtil.deleteNode(watcher, keyZNode); } catch (KeeperException.NoNodeException nne) { LOG.error("Non-existent znode "+keyZNode+" for key "+key.getKeyId(), nne); } catch (KeeperException ke) { LOG.error(HBaseMarkers.FATAL, "Failed removing znode "+keyZNode+" for key "+ key.getKeyId(), ke); watcher.abort("Unhandled zookeeper error removing znode "+keyZNode+ " for key "+key.getKeyId(), ke); } }
public void updateKeyInZK(AuthenticationKey key) { String keyZNode = getKeyNode(key.getKeyId()); try { byte[] keyData = Writables.getBytes(key); try { ZKUtil.updateExistingNodeData(watcher, keyZNode, keyData, -1); } catch (KeeperException.NoNodeException ne) { // node was somehow removed, try adding it back ZKUtil.createSetData(watcher, keyZNode, keyData); } } catch (KeeperException ke) { LOG.error(HBaseMarkers.FATAL, "Unable to update master key "+key.getKeyId()+ " in znode "+keyZNode); watcher.abort("Unable to synchronize secret key "+ key.getKeyId()+" in zookeeper", ke); } catch (IOException ioe) { // this can only happen from an error serializing the key watcher.abort("Failed serializing key "+key.getKeyId(), ioe); } }
/*** * Write a table's access controls to the permissions mirror in zookeeper * @param entry * @param permsData */ public void writeToZookeeper(byte[] entry, byte[] permsData) { String entryName = Bytes.toString(entry); String zkNode = ZNodePaths.joinZNode(watcher.getZNodePaths().baseZNode, ACL_NODE); zkNode = ZNodePaths.joinZNode(zkNode, entryName); try { ZKUtil.createWithParents(watcher, zkNode); ZKUtil.updateExistingNodeData(watcher, zkNode, permsData, -1); } catch (KeeperException e) { LOG.error("Failed updating permissions for entry '" + entryName + "'", e); watcher.abort("Failed writing node "+zkNode+" to zookeeper", e); } }
private void refreshNodes(List<ZKUtil.NodeAndData> nodes) { for (ZKUtil.NodeAndData n : nodes) { String path = n.getNode(); String keyId = ZKUtil.getNodeName(path); try { byte[] data = n.getData(); if (data == null || data.length == 0) { LOG.debug("Ignoring empty node "+path); continue; } AuthenticationKey key = (AuthenticationKey)Writables.getWritable( data, new AuthenticationKey()); secretManager.addKey(key); } catch (IOException ioe) { LOG.error(HBaseMarkers.FATAL, "Failed reading new secret key for id '" + keyId + "' from zk", ioe); watcher.abort("Error deserializing key from znode "+path, ioe); } } }
public void start() { try { watcher.registerListener(this); String parent = ZKUtil.getParent(leaderZNode); if (ZKUtil.checkExists(watcher, parent) < 0) { ZKUtil.createWithParents(watcher, parent); } } catch (KeeperException ke) { watcher.abort("Unhandled zk exception when starting", ke); candidate.stop("Unhandled zk exception starting up: "+ke.getMessage()); } }