@Override public boolean get() throws Exception { Thread.sleep(3000); miniCluster.killAllMasterServers(); miniCluster.startAllMasterServers(); try { client.listTabletServers(); } catch (Exception e) { if (e.toString().contains(exceptionSubstring)) { return true; } throw e; } return false; } }, 60000);
private void checkClientCanReconnect(KuduClient client) throws IOException { // Cycle the masters to ensure that we have to re-connect and thus // re-negotiate an authenticated RPC connection. Without this step, // we'd just hang onto our existing authenticated connections which // would continue to work even though our credentials might have // expired (we only authenticate when a connection is negotiated, not // for each call). miniCluster.killAllMasterServers(); miniCluster.startAllMasterServers(); client.listTabletServers(); }
/** * Test that a client is able to connect to masters using valid tokens * after all masters were killed and restarted, and before a leader is * elected. Leader election time is configured to be long enough using * '--leader_failure_max_missed_heartbeat_periods'. */ @Test public void testConnectToNonLeaderMasters() throws Exception { startCluster(ImmutableSet.of(Option.LONG_LEADER_ELECTION)); System.err.println("=> started cluster"); byte[] authnData = client.exportAuthenticationCredentials(); System.err.println("=> exported auth"); assertNotNull(authnData); String oldTicketCache = System.getProperty(SecurityUtil.KUDU_TICKETCACHE_PROPERTY); System.clearProperty(SecurityUtil.KUDU_TICKETCACHE_PROPERTY); try { KuduClient newClient = createClient(); newClient.importAuthenticationCredentials(authnData); System.err.println("=> imported auth"); miniCluster.killAllMasterServers(); miniCluster.startAllMasterServers(); newClient.listTabletServers(); System.err.println("=> listTabletServers"); } finally { System.setProperty(SecurityUtil.KUDU_TICKETCACHE_PROPERTY, oldTicketCache); } }
c = new KuduClient.KuduClientBuilder(masterAddr).build(); c.listTabletServers(); successes++; } catch (Exception e) {
newClient.listTabletServers(); Assert.fail("should not have been able to connect to a secure cluster " + "with no credentials");
private void startCluster(Set<Option> opts) throws IOException { MiniKuduClusterBuilder mcb = new MiniKuduClusterBuilder(); mcb.enableKerberos(); if (opts.contains(Option.LONG_LEADER_ELECTION)) { mcb.addMasterServerFlag("--leader_failure_max_missed_heartbeat_periods=10.0"); } if (opts.contains(Option.SHORT_TOKENS_AND_TICKETS)) { mcb.addMasterServerFlag("--authn_token_validity_seconds=" + TICKET_LIFETIME_SECS) .kdcRenewLifetime(RENEWABLE_LIFETIME_SECS + "s") .kdcTicketLifetime(TICKET_LIFETIME_SECS + "s"); } miniCluster = mcb.numMasterServers(3) .numTabletServers(opts.contains(Option.START_TSERVERS) ? 3 : 0) .build(); miniCluster.kinit("test-admin"); client = new KuduClient.KuduClientBuilder(miniCluster.getMasterAddressesAsString()).build(); // TODO(todd): it seems that exportAuthenticationCredentials() doesn't properly retry // in the case that there is no leader, even though NoLeaderFoundException is a RecoverableException. // So, we have to use a hack of calling listTabletServers, which _does_ properly retry, // in order to wait for the masters to elect a leader. client.listTabletServers(); }
newClient.listTabletServers(); Assert.fail("should not have been able to connect to a secure cluster " + "with no credentials");
@Override @SuppressWarnings("AssertionFailureIgnored") public void run() { final String tableName = "TestAuthnTokenReacquire-table-" + threadIdx; try { ListTabletServersResponse response = client.listTabletServers(); assertNotNull(response); dropConnectionsAndExpireToken(); ListTablesResponse tableList = client.getTablesList(tableName); assertNotNull(tableList); assertTrue(tableList.getTablesList().isEmpty()); dropConnectionsAndExpireToken(); client.createTable(tableName, basicSchema, getBasicCreateTableOptions()); dropConnectionsAndExpireToken(); KuduTable table = client.openTable(tableName); assertEquals(basicSchema.getColumnCount(), table.getSchema().getColumnCount()); dropConnectionsAndExpireToken(); client.deleteTable(tableName); assertFalse(client.tableExists(tableName)); } catch (Throwable e) { //noinspection ThrowableResultOfMethodCallIgnored exceptions.put(threadIdx, e); } } });
client.listTabletServers(); fail(); } catch (KuduException e) { Client.AuthenticationCredentialsPB.newBuilder().setRealUser("token-user").build(); client.importAuthenticationCredentials(credentials.toByteArray()); client.listTabletServers();
/** * Test that the client properly falls back to the old GetMasterRegistration * RPC when connecting to a master which does not support the new * ConnectToMaster RPC. */ @Test(timeout=60000) public void testFallbackConnectRpc() throws Exception { MiniKuduCluster cluster = new MiniKuduCluster.MiniKuduClusterBuilder() .addMasterServerFlag("--master_support_connect_to_master_rpc=0") .numMasterServers(1) .numTabletServers(0) .build(); KuduClient c = null; try { c = new KuduClient.KuduClientBuilder(cluster.getMasterAddressesAsString()) .build(); // Call some method which uses the master. This forces us to connect // and verifies that the fallback works. c.listTabletServers(); } finally { if (c != null) { c.close(); } cluster.shutdown(); } }
ListTabletServersResponse response = client.listTabletServers(); assertNotNull(response); dropConnections();
lowTimeoutsClient.listTabletServers(); fail("Should have timed out"); } catch (KuduException ex) {