Repository: bookkeeper Updated Branches: refs/heads/master 825e0e7b4 -> b30b527ba
BOOKKEEPER-390: Provide support for ZooKeeper authentication Author: eolivelli <[email protected]> Reviewers: Sijie Guo <[email protected]> Closes #76 from eolivelli/BOOKKEEPER-390 Project: http://git-wip-us.apache.org/repos/asf/bookkeeper/repo Commit: http://git-wip-us.apache.org/repos/asf/bookkeeper/commit/b30b527b Tree: http://git-wip-us.apache.org/repos/asf/bookkeeper/tree/b30b527b Diff: http://git-wip-us.apache.org/repos/asf/bookkeeper/diff/b30b527b Branch: refs/heads/master Commit: b30b527ba995978694ebf735c02b508374001021 Parents: 825e0e7 Author: eolivelli <[email protected]> Authored: Tue Mar 28 13:40:35 2017 -0700 Committer: Sijie Guo <[email protected]> Committed: Tue Mar 28 13:40:35 2017 -0700 ---------------------------------------------------------------------- .../org/apache/bookkeeper/bookie/Bookie.java | 9 +- .../org/apache/bookkeeper/bookie/Cookie.java | 9 +- .../bookie/ScanAndCompareGarbageCollector.java | 6 +- .../bookkeeper/client/BookKeeperAdmin.java | 12 +- .../apache/bookkeeper/client/BookieWatcher.java | 7 +- .../bookkeeper/conf/AbstractConfiguration.java | 21 ++++ .../meta/AbstractZkLedgerManager.java | 4 +- .../meta/FlatLedgerManagerFactory.java | 5 +- .../meta/HierarchicalLedgerManagerFactory.java | 5 +- .../apache/bookkeeper/meta/LedgerLayout.java | 6 +- .../bookkeeper/meta/LedgerManagerFactory.java | 6 +- .../bookkeeper/meta/MSLedgerManagerFactory.java | 6 +- .../bookkeeper/meta/ZkLedgerIdGenerator.java | 9 +- .../meta/ZkLedgerUnderreplicationManager.java | 28 +++-- .../bookkeeper/replication/AuditorElector.java | 10 +- .../apache/bookkeeper/util/LocalBookKeeper.java | 1 + .../org/apache/bookkeeper/util/ZkUtils.java | 11 ++ .../bookie/EnableZkSecurityBasicTest.java | 126 +++++++++++++++++++ .../bookie/TestGcOverreplicatedLedger.java | 3 +- .../bookkeeper/meta/LedgerLayoutTest.java | 5 +- .../bookkeeper/meta/TestLedgerManager.java | 7 +- .../meta/TestZkLedgerIdGenerator.java | 3 +- 22 files changed, 254 insertions(+), 45 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/Bookie.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/Bookie.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/Bookie.java index 61ba9b1..c743ef4 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/Bookie.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/Bookie.java @@ -75,7 +75,6 @@ import org.apache.zookeeper.WatchedEvent; import org.apache.zookeeper.Watcher; import org.apache.zookeeper.Watcher.Event.EventType; import org.apache.zookeeper.Watcher.Event.KeeperState; -import org.apache.zookeeper.ZooDefs.Ids; import org.apache.zookeeper.ZooKeeper; import org.apache.zookeeper.data.Stat; import org.slf4j.Logger; @@ -95,6 +94,8 @@ import static org.apache.bookkeeper.bookie.BookKeeperServerStats.READ_BYTES; import static org.apache.bookkeeper.bookie.BookKeeperServerStats.SERVER_STATUS; import static org.apache.bookkeeper.bookie.BookKeeperServerStats.WRITE_BYTES; import static org.apache.bookkeeper.bookie.BookKeeperServerStats.JOURNAL_SCOPE; +import org.apache.bookkeeper.util.ZkUtils; +import org.apache.zookeeper.data.ACL; /** * Implements a bookie. @@ -143,6 +144,7 @@ public class Bookie extends BookieCriticalThread { final protected String zkBookieRegPath; final protected String zkBookieReadOnlyPath; + final protected List<ACL> zkAcls; final private AtomicBoolean zkRegistered = new AtomicBoolean(false); final protected AtomicBoolean readOnly = new AtomicBoolean(false); @@ -648,6 +650,7 @@ public class Bookie extends BookieCriticalThread { public Bookie(ServerConfiguration conf, StatsLogger statsLogger) throws IOException, KeeperException, InterruptedException, BookieException { super("Bookie-" + conf.getBookiePort()); + this.zkAcls = ZkUtils.getACLs(conf); this.bookieRegistrationPath = conf.getZkAvailableBookiesPath() + "/"; this.bookieReadonlyRegistrationPath = this.bookieRegistrationPath + BookKeeperConstants.READONLY; @@ -1033,7 +1036,7 @@ public class Bookie extends BookieCriticalThread { try{ if (!checkRegNodeAndWaitExpired(regPath)) { // Create the ZK ephemeral node for this Bookie. - zk.create(regPath, new byte[0], Ids.OPEN_ACL_UNSAFE, + zk.create(regPath, new byte[0], zkAcls, CreateMode.EPHEMERAL); LOG.info("Registered myself in ZooKeeper at {}.", regPath); } @@ -1141,7 +1144,7 @@ public class Bookie extends BookieCriticalThread { if (null == zk.exists(this.bookieReadonlyRegistrationPath, false)) { try { zk.create(this.bookieReadonlyRegistrationPath, new byte[0], - Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkAcls, CreateMode.PERSISTENT); } catch (NodeExistsException e) { // this node is just now created by someone. } http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/Cookie.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/Cookie.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/Cookie.java index 691dc1d..b1aa2dc 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/Cookie.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/Cookie.java @@ -47,14 +47,16 @@ import org.apache.bookkeeper.versioning.Version; import org.apache.bookkeeper.versioning.Versioned; import org.apache.zookeeper.CreateMode; import org.apache.zookeeper.KeeperException; -import org.apache.zookeeper.ZooDefs.Ids; import org.apache.zookeeper.ZooKeeper; +import org.apache.zookeeper.data.ACL; import org.apache.zookeeper.data.Stat; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.google.common.collect.Sets; import com.google.protobuf.TextFormat; +import java.util.List; +import org.apache.bookkeeper.util.ZkUtils; /** * When a bookie starts for the first time it generates a cookie, and stores @@ -249,6 +251,7 @@ class Cookie { */ void writeToZooKeeper(ZooKeeper zk, ServerConfiguration conf, Version version) throws KeeperException, InterruptedException, UnknownHostException { + List<ACL> zkAcls = ZkUtils.getACLs(conf); String bookieCookiePath = conf.getZkLedgersRootPath() + "/" + BookKeeperConstants.COOKIE_NODE; String zkPath = getZkPath(conf); @@ -257,14 +260,14 @@ class Cookie { if (zk.exists(bookieCookiePath, false) == null) { try { zk.create(bookieCookiePath, new byte[0], - Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkAcls, CreateMode.PERSISTENT); } catch (KeeperException.NodeExistsException nne) { LOG.info("More than one bookie tried to create {} at once. Safe to ignore", bookieCookiePath); } } zk.create(zkPath, data, - Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkAcls, CreateMode.PERSISTENT); } else { if (!(version instanceof ZkVersion)) { throw new IllegalArgumentException("Invalid version type, expected ZkVersion type"); http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/ScanAndCompareGarbageCollector.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/ScanAndCompareGarbageCollector.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/ScanAndCompareGarbageCollector.java index 4a4c15b..ebcb98c 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/ScanAndCompareGarbageCollector.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/ScanAndCompareGarbageCollector.java @@ -46,6 +46,9 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.google.common.collect.Sets; +import java.util.List; +import org.apache.bookkeeper.util.ZkUtils; +import org.apache.zookeeper.data.ACL; /** * Garbage collector implementation using scan and compare. @@ -165,6 +168,7 @@ public class ScanAndCompareGarbageCollector implements GarbageCollector{ private Set<Long> removeOverReplicatedledgers(Set<Long> bkActiveledgers, final GarbageCleaner garbageCleaner) throws InterruptedException, KeeperException { + final List<ACL> zkAcls = ZkUtils.getACLs(conf); final Set<Long> overReplicatedLedgers = Sets.newHashSet(); final Semaphore semaphore = new Semaphore(MAX_CONCURRENT_ZK_REQUESTS); final CountDownLatch latch = new CountDownLatch(bkActiveledgers.size()); @@ -178,7 +182,7 @@ public class ScanAndCompareGarbageCollector implements GarbageCollector{ // we try to acquire the underreplicated ledger lock to not let the bookie replicate the ledger that is // already being checked for deletion, since that might change the ledger ensemble to include the // current bookie again and, in that case, we cannot remove the ledger from local storage - ZkLedgerUnderreplicationManager.acquireUnderreplicatedLedgerLock(zk, zkLedgersRootPath, ledgerId); + ZkLedgerUnderreplicationManager.acquireUnderreplicatedLedgerLock(zk, zkLedgersRootPath, ledgerId, zkAcls); semaphore.acquire(); ledgerManager.readLedgerMetadata(ledgerId, new GenericCallback<LedgerMetadata>() { http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/client/BookKeeperAdmin.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/client/BookKeeperAdmin.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/client/BookKeeperAdmin.java index f528455..d4d8d1f 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/client/BookKeeperAdmin.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/client/BookKeeperAdmin.java @@ -37,7 +37,6 @@ import java.util.NoSuchElementException; import java.util.Random; import java.util.UUID; import java.util.concurrent.CompletableFuture; -import java.util.concurrent.ExecutionException; import org.apache.bookkeeper.client.AsyncCallback.OpenCallback; import org.apache.bookkeeper.client.AsyncCallback.RecoverCallback; @@ -58,9 +57,10 @@ import org.apache.zookeeper.KeeperException; import org.apache.zookeeper.KeeperException.Code; import org.apache.bookkeeper.stats.NullStatsLogger; import org.apache.bookkeeper.stats.StatsLogger; +import org.apache.bookkeeper.util.ZkUtils; import org.apache.zookeeper.ZKUtil; -import org.apache.zookeeper.ZooDefs.Ids; import org.apache.zookeeper.ZooKeeper; +import org.apache.zookeeper.data.ACL; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -902,16 +902,16 @@ public class BookKeeperAdmin { conf.getZkLedgersRootPath(), false); boolean availableNodeExists = null != zkc.exists( conf.getZkAvailableBookiesPath(), false); - + List<ACL> zkAcls = ZkUtils.getACLs(conf); // Create ledgers root node if not exists if (!ledgerRootExists) { zkc.create(conf.getZkLedgersRootPath(), "".getBytes(UTF_8), - Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkAcls, CreateMode.PERSISTENT); } // create available bookies node if not exists if (!availableNodeExists) { zkc.create(conf.getZkAvailableBookiesPath(), "".getBytes(UTF_8), - Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkAcls, CreateMode.PERSISTENT); } // If old data was there then confirm with admin. @@ -977,7 +977,7 @@ public class BookKeeperAdmin { String instanceId = UUID.randomUUID().toString(); zkc.create(conf.getZkLedgersRootPath() + "/" + BookKeeperConstants.INSTANCEID, instanceId.getBytes(UTF_8), - Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkAcls, CreateMode.PERSISTENT); LOG.info("Successfully formatted BookKeeper metadata"); } finally { http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/client/BookieWatcher.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/client/BookieWatcher.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/client/BookieWatcher.java index 04499eb..ae0ac50 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/client/BookieWatcher.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/client/BookieWatcher.java @@ -41,7 +41,6 @@ import org.apache.zookeeper.KeeperException.NodeExistsException; import org.apache.zookeeper.WatchedEvent; import org.apache.zookeeper.Watcher; import org.apache.zookeeper.Watcher.Event.EventType; -import org.apache.zookeeper.ZooDefs.Ids; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -49,7 +48,10 @@ import com.google.common.cache.Cache; import com.google.common.cache.CacheBuilder; import com.google.common.cache.RemovalListener; import com.google.common.cache.RemovalNotification; + import java.util.Map; +import org.apache.bookkeeper.util.ZkUtils; +import org.apache.zookeeper.data.ACL; /** * This class is responsible for maintaining a consistent view of what bookies @@ -336,7 +338,8 @@ class BookieWatcher implements Watcher, ChildrenCallback { + BookKeeperConstants.READONLY; if (null == bk.getZkHandle().exists(readOnlyBookieRegPath, false)) { try { - bk.getZkHandle().create(readOnlyBookieRegPath, new byte[0], Ids.OPEN_ACL_UNSAFE, + List<ACL> zkAcls = ZkUtils.getACLs(conf); + bk.getZkHandle().create(readOnlyBookieRegPath, new byte[0], zkAcls, CreateMode.PERSISTENT); } catch (NodeExistsException e) { // this node is just now created by someone. http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/conf/AbstractConfiguration.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/conf/AbstractConfiguration.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/conf/AbstractConfiguration.java index 1497c7a..07e5d08 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/conf/AbstractConfiguration.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/conf/AbstractConfiguration.java @@ -73,6 +73,9 @@ public abstract class AbstractConfiguration extends CompositeConfiguration { protected final static String NETTY_MAX_FRAME_SIZE = "nettyMaxFrameSizeBytes"; protected final static int DEFAULT_NETTY_MAX_FRAME_SIZE = 5 * 1024 * 1024; // 5MB + // Zookeeper ACL settings + protected final static String ZK_ENABLE_SECURITY = "zkEnableSecurity"; + protected AbstractConfiguration() { super(); if (READ_SYSTEM_PROPERTIES) { @@ -188,6 +191,24 @@ public abstract class AbstractConfiguration extends CompositeConfiguration { } /** + * Are z-node created with strict ACLs + * + * @return usage of secure ZooKeeper ACLs + */ + public boolean isZkEnableSecurity() { + return getBoolean(ZK_ENABLE_SECURITY, false); + } + + /** + * Set the usage of ACLs of new z-nodes + * + * @param zkEnableSecurity + */ + public void setZkEnableSecurity(boolean zkEnableSecurity) { + setProperty(ZK_ENABLE_SECURITY, zkEnableSecurity); + } + + /** * Get the node under which available bookies are stored * * @return Node under which available bookies are stored. http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/AbstractZkLedgerManager.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/AbstractZkLedgerManager.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/AbstractZkLedgerManager.java index fb4e8b5..6db3375 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/AbstractZkLedgerManager.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/AbstractZkLedgerManager.java @@ -57,6 +57,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.google.common.util.concurrent.ThreadFactoryBuilder; +import org.apache.zookeeper.data.ACL; /** * Abstract ledger manager based on zookeeper, which provides common methods such as query zk nodes. @@ -241,7 +242,8 @@ abstract class AbstractZkLedgerManager implements LedgerManager, Watcher { } } }; - ZkUtils.asyncCreateFullPathOptimistic(zk, ledgerPath, metadata.serialize(), Ids.OPEN_ACL_UNSAFE, + List<ACL> zkAcls = ZkUtils.getACLs(conf); + ZkUtils.asyncCreateFullPathOptimistic(zk, ledgerPath, metadata.serialize(), zkAcls, CreateMode.PERSISTENT, scb, null); } http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/FlatLedgerManagerFactory.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/FlatLedgerManagerFactory.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/FlatLedgerManagerFactory.java index 78a1867..7c64fec 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/FlatLedgerManagerFactory.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/FlatLedgerManagerFactory.java @@ -25,7 +25,9 @@ import org.apache.zookeeper.KeeperException; import org.apache.zookeeper.ZKUtil; import org.apache.bookkeeper.replication.ReplicationException; import org.apache.bookkeeper.conf.AbstractConfiguration; +import org.apache.bookkeeper.util.ZkUtils; import org.apache.zookeeper.ZooKeeper; +import org.apache.zookeeper.data.ACL; /** * Flat Ledger Manager Factory @@ -65,7 +67,8 @@ public class FlatLedgerManagerFactory extends LedgerManagerFactory { @Override public LedgerIdGenerator newLedgerIdGenerator() { - return new ZkLedgerIdGenerator(zk, conf.getZkLedgersRootPath(), null); + List<ACL> zkAcls = ZkUtils.getACLs(conf); + return new ZkLedgerIdGenerator(zk, conf.getZkLedgersRootPath(), null, zkAcls); } @Override http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/HierarchicalLedgerManagerFactory.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/HierarchicalLedgerManagerFactory.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/HierarchicalLedgerManagerFactory.java index dac9e96..084d73d 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/HierarchicalLedgerManagerFactory.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/HierarchicalLedgerManagerFactory.java @@ -25,7 +25,9 @@ import org.apache.zookeeper.KeeperException; import org.apache.zookeeper.ZKUtil; import org.apache.bookkeeper.replication.ReplicationException; import org.apache.bookkeeper.conf.AbstractConfiguration; +import org.apache.bookkeeper.util.ZkUtils; import org.apache.zookeeper.ZooKeeper; +import org.apache.zookeeper.data.ACL; /** * Hierarchical Ledger Manager Factory @@ -65,7 +67,8 @@ public class HierarchicalLedgerManagerFactory extends LedgerManagerFactory { @Override public LedgerIdGenerator newLedgerIdGenerator() { - return new ZkLedgerIdGenerator(zk, conf.getZkLedgersRootPath(), HierarchicalLedgerManager.IDGEN_ZNODE); + List<ACL> zkAcls = ZkUtils.getACLs(conf); + return new ZkLedgerIdGenerator(zk, conf.getZkLedgersRootPath(), HierarchicalLedgerManager.IDGEN_ZNODE, zkAcls); } @Override http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/LedgerLayout.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/LedgerLayout.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/LedgerLayout.java index 313f1c1..b49817b 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/LedgerLayout.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/LedgerLayout.java @@ -19,12 +19,14 @@ package org.apache.bookkeeper.meta; */ import java.io.IOException; +import java.util.List; import org.apache.bookkeeper.util.BookKeeperConstants; import org.apache.zookeeper.CreateMode; import org.apache.zookeeper.KeeperException; import org.apache.zookeeper.ZooDefs.Ids; import org.apache.zookeeper.ZooKeeper; +import org.apache.zookeeper.data.ACL; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -139,11 +141,11 @@ class LedgerLayout { /** * Store the ledger layout into zookeeper */ - public void store(final ZooKeeper zk, String ledgersRoot) + public void store(final ZooKeeper zk, String ledgersRoot, List<ACL> zkAcls) throws IOException, KeeperException, InterruptedException { String ledgersLayout = ledgersRoot + "/" + BookKeeperConstants.LAYOUT_ZNODE; - zk.create(ledgersLayout, serialize(), Ids.OPEN_ACL_UNSAFE, + zk.create(ledgersLayout, serialize(), zkAcls, CreateMode.PERSISTENT); } http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/LedgerManagerFactory.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/LedgerManagerFactory.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/LedgerManagerFactory.java index 3a53623..76d1572 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/LedgerManagerFactory.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/LedgerManagerFactory.java @@ -19,6 +19,7 @@ package org.apache.bookkeeper.meta; */ import java.io.IOException; +import java.util.List; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -26,9 +27,11 @@ import org.slf4j.LoggerFactory; import org.apache.bookkeeper.replication.ReplicationException; import org.apache.bookkeeper.conf.AbstractConfiguration; import org.apache.bookkeeper.util.ReflectionUtils; +import org.apache.bookkeeper.util.ZkUtils; import org.apache.commons.configuration.ConfigurationException; import org.apache.zookeeper.KeeperException; import org.apache.zookeeper.ZooKeeper; +import org.apache.zookeeper.data.ACL; public abstract class LedgerManagerFactory { @@ -218,8 +221,9 @@ public abstract class LedgerManagerFactory { layout = new LedgerLayout(factoryClass.getName(), lmFactory.getCurrentVersion()); + List<ACL> zkAcls = ZkUtils.getACLs(conf); try { - layout.store(zk, ledgerRootPath); + layout.store(zk, ledgerRootPath, zkAcls); } catch (KeeperException.NodeExistsException nee) { LedgerLayout layout2 = LedgerLayout.readLayout(zk, ledgerRootPath); if (!layout2.equals(layout)) { http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/MSLedgerManagerFactory.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/MSLedgerManagerFactory.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/MSLedgerManagerFactory.java index 8a82d41..890bab7 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/MSLedgerManagerFactory.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/MSLedgerManagerFactory.java @@ -65,6 +65,9 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.google.common.util.concurrent.ThreadFactoryBuilder; +import java.util.List; +import org.apache.bookkeeper.util.ZkUtils; +import org.apache.zookeeper.data.ACL; /** * MetaStore Based Ledger Manager Factory @@ -179,7 +182,8 @@ public class MSLedgerManagerFactory extends LedgerManagerFactory { @Override public LedgerIdGenerator newLedgerIdGenerator() { - return new ZkLedgerIdGenerator(zk, conf.getZkLedgersRootPath(), MsLedgerManager.IDGEN_ZNODE); + List<ACL> zkAcls = ZkUtils.getACLs(conf); + return new ZkLedgerIdGenerator(zk, conf.getZkLedgersRootPath(), MsLedgerManager.IDGEN_ZNODE, zkAcls); } static class MsLedgerManager implements LedgerManager, MetastoreWatcher { http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/ZkLedgerIdGenerator.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/ZkLedgerIdGenerator.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/ZkLedgerIdGenerator.java index b54c891..a2e79af 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/ZkLedgerIdGenerator.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/ZkLedgerIdGenerator.java @@ -18,6 +18,7 @@ package org.apache.bookkeeper.meta; import java.io.IOException; +import java.util.List; import org.apache.bookkeeper.client.BKException; import org.apache.bookkeeper.proto.BookkeeperInternalCallbacks.GenericCallback; @@ -29,6 +30,7 @@ import org.apache.zookeeper.CreateMode; import org.apache.zookeeper.KeeperException; import org.apache.zookeeper.ZooDefs.Ids; import org.apache.zookeeper.ZooKeeper; +import org.apache.zookeeper.data.ACL; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -47,11 +49,14 @@ public class ZkLedgerIdGenerator implements LedgerIdGenerator { final ZooKeeper zk; final String ledgerIdGenPath; final String ledgerPrefix; + final List<ACL> zkAcls; public ZkLedgerIdGenerator(ZooKeeper zk, String ledgersPath, - String idGenZnodeName) { + String idGenZnodeName, + List<ACL> zkAcls) { this.zk = zk; + this.zkAcls = zkAcls; if (StringUtils.isBlank(idGenZnodeName)) { this.ledgerIdGenPath = ledgersPath; } else { @@ -62,7 +67,7 @@ public class ZkLedgerIdGenerator implements LedgerIdGenerator { @Override public void generateLedgerId(final GenericCallback<Long> cb) { - ZkUtils.asyncCreateFullPathOptimistic(zk, ledgerPrefix, new byte[0], Ids.OPEN_ACL_UNSAFE, + ZkUtils.asyncCreateFullPathOptimistic(zk, ledgerPrefix, new byte[0], zkAcls, CreateMode.EPHEMERAL_SEQUENTIAL, new StringCallback() { @Override http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/ZkLedgerUnderreplicationManager.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/ZkLedgerUnderreplicationManager.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/ZkLedgerUnderreplicationManager.java index e307b2c..8c0d7ed 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/ZkLedgerUnderreplicationManager.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/meta/ZkLedgerUnderreplicationManager.java @@ -57,6 +57,7 @@ import org.slf4j.LoggerFactory; import com.google.common.annotations.VisibleForTesting; import com.google.common.base.Joiner; import com.google.protobuf.TextFormat; +import org.apache.zookeeper.data.ACL; /** * ZooKeeper implementation of underreplication manager. @@ -99,11 +100,12 @@ public class ZkLedgerUnderreplicationManager implements LedgerUnderreplicationMa private final String urLedgerPath; private final String urLockPath; private final String layoutZNode; - + private final AbstractConfiguration conf; private final ZooKeeper zkc; public ZkLedgerUnderreplicationManager(AbstractConfiguration conf, ZooKeeper zkc) throws KeeperException, InterruptedException, ReplicationException.CompatibilityException { + this.conf = conf; basePath = getBasePath(conf.getZkLedgersRootPath()); layoutZNode = basePath + '/' + BookKeeperConstants.LAYOUT_ZNODE; urLedgerPath = basePath @@ -137,9 +139,10 @@ public class ZkLedgerUnderreplicationManager implements LedgerUnderreplicationMa private void checkLayout() throws KeeperException, InterruptedException, ReplicationException.CompatibilityException { + List<ACL> zkAcls = ZkUtils.getACLs(conf); if (zkc.exists(basePath, false) == null) { try { - zkc.create(basePath, new byte[0], Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkc.create(basePath, new byte[0], zkAcls, CreateMode.PERSISTENT); } catch (KeeperException.NodeExistsException nee) { // do nothing, someone each could have created it } @@ -151,7 +154,7 @@ public class ZkLedgerUnderreplicationManager implements LedgerUnderreplicationMa builder.setType(LAYOUT).setVersion(LAYOUT_VERSION); try { zkc.create(layoutZNode, TextFormat.printToString(builder.build()).getBytes(UTF_8), - Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkAcls, CreateMode.PERSISTENT); } catch (KeeperException.NodeExistsException nne) { // someone else managed to create it continue; @@ -179,14 +182,14 @@ public class ZkLedgerUnderreplicationManager implements LedgerUnderreplicationMa } if (zkc.exists(urLedgerPath, false) == null) { try { - zkc.create(urLedgerPath, new byte[0], Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkc.create(urLedgerPath, new byte[0], zkAcls, CreateMode.PERSISTENT); } catch (KeeperException.NodeExistsException nee) { // do nothing, someone each could have created it } } if (zkc.exists(urLockPath, false) == null) { try { - zkc.create(urLockPath, new byte[0], Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkc.create(urLockPath, new byte[0], zkAcls, CreateMode.PERSISTENT); } catch (KeeperException.NodeExistsException nee) { // do nothing, someone each could have created it } @@ -239,6 +242,7 @@ public class ZkLedgerUnderreplicationManager implements LedgerUnderreplicationMa throws ReplicationException.UnavailableException { LOG.debug("markLedgerUnderreplicated(ledgerId={}, missingReplica={})", ledgerId, missingReplica); try { + List<ACL> zkAcls = ZkUtils.getACLs(conf); String znode = getUrLedgerZnode(ledgerId); while (true) { UnderreplicatedLedgerFormat.Builder builder = UnderreplicatedLedgerFormat.newBuilder(); @@ -246,7 +250,7 @@ public class ZkLedgerUnderreplicationManager implements LedgerUnderreplicationMa builder.addReplica(missingReplica); ZkUtils.createFullPathOptimistic(zkc, znode, TextFormat .printToString(builder.build()).getBytes(UTF_8), - Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkAcls, CreateMode.PERSISTENT); } catch (KeeperException.NodeExistsException nee) { Stat s = zkc.exists(znode, false); if (s == null) { @@ -389,7 +393,7 @@ public class ZkLedgerUnderreplicationManager implements LedgerUnderreplicationMa } Collections.shuffle(children); - + List<ACL> zkAcls = ZkUtils.getACLs(conf); while (children.size() > 0) { String tryChild = children.get(0); try { @@ -407,7 +411,7 @@ public class ZkLedgerUnderreplicationManager implements LedgerUnderreplicationMa } long ledgerId = getLedgerId(tryChild); - zkc.create(lockPath, LOCK_DATA, Ids.OPEN_ACL_UNSAFE, CreateMode.EPHEMERAL); + zkc.create(lockPath, LOCK_DATA, zkAcls, CreateMode.EPHEMERAL); heldLocks.put(ledgerId, new Lock(lockPath, stat.getVersion())); return ledgerId; } catch (KeeperException.NodeExistsException nee) { @@ -542,10 +546,11 @@ public class ZkLedgerUnderreplicationManager implements LedgerUnderreplicationMa @Override public void disableLedgerReplication() throws ReplicationException.UnavailableException { + List<ACL> zkAcls = ZkUtils.getACLs(conf); LOG.debug("disableLedegerReplication()"); try { String znode = basePath + '/' + BookKeeperConstants.DISABLE_NODE; - zkc.create(znode, "".getBytes(UTF_8), Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkc.create(znode, "".getBytes(UTF_8), zkAcls, CreateMode.PERSISTENT); LOG.info("Auto ledger re-replication is disabled!"); } catch (KeeperException.NodeExistsException ke) { LOG.warn("AutoRecovery is already disabled!", ke); @@ -647,10 +652,11 @@ public class ZkLedgerUnderreplicationManager implements LedgerUnderreplicationMa /** * Acquire the underreplicated ledger lock */ - public static void acquireUnderreplicatedLedgerLock(ZooKeeper zkc, String zkLedgersRootPath, long ledgerId) + public static void acquireUnderreplicatedLedgerLock(ZooKeeper zkc, String zkLedgersRootPath, + long ledgerId, List<ACL> zkAcls) throws KeeperException, InterruptedException { ZkUtils.createFullPathOptimistic(zkc, getUrLedgerLockZnode(getUrLockPath(zkLedgersRootPath), ledgerId), - LOCK_DATA, Ids.OPEN_ACL_UNSAFE, CreateMode.EPHEMERAL); + LOCK_DATA, zkAcls, CreateMode.EPHEMERAL); } /** http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/replication/AuditorElector.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/replication/AuditorElector.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/replication/AuditorElector.java index e8dfb02..b396e89 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/replication/AuditorElector.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/replication/AuditorElector.java @@ -56,6 +56,8 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import static org.apache.bookkeeper.replication.ReplicationStats.ELECTION_ATTEMPTS; +import org.apache.bookkeeper.util.ZkUtils; +import org.apache.zookeeper.data.ACL; /** * Performing auditor election using Apache ZooKeeper. Using ZooKeeper as a @@ -147,10 +149,11 @@ public class AuditorElector { private void createMyVote() throws KeeperException, InterruptedException { if (null == myVote || null == zkc.exists(myVote, false)) { + List<ACL> zkAcls = ZkUtils.getACLs(conf); AuditorVoteFormat.Builder builder = AuditorVoteFormat.newBuilder() .setBookieId(bookieId); myVote = zkc.create(getVotePath(PATH_SEPARATOR + VOTE_PREFIX), - TextFormat.printToString(builder.build()).getBytes(UTF_8), Ids.OPEN_ACL_UNSAFE, + TextFormat.printToString(builder.build()).getBytes(UTF_8), zkAcls, CreateMode.EPHEMERAL_SEQUENTIAL); } } @@ -161,9 +164,10 @@ public class AuditorElector { private void createElectorPath() throws UnavailableException { try { + List<ACL> zkAcls = ZkUtils.getACLs(conf); if (zkc.exists(basePath, false) == null) { try { - zkc.create(basePath, new byte[0], Ids.OPEN_ACL_UNSAFE, + zkc.create(basePath, new byte[0], zkAcls, CreateMode.PERSISTENT); } catch (KeeperException.NodeExistsException nee) { // do nothing, someone else could have created it @@ -172,7 +176,7 @@ public class AuditorElector { if (zkc.exists(getVotePath(""), false) == null) { try { zkc.create(getVotePath(""), new byte[0], - Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT); + zkAcls, CreateMode.PERSISTENT); } catch (KeeperException.NodeExistsException nee) { // do nothing, someone else could have created it } http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/util/LocalBookKeeper.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/util/LocalBookKeeper.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/util/LocalBookKeeper.java index 125f084..d9a6bcf 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/util/LocalBookKeeper.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/util/LocalBookKeeper.java @@ -45,6 +45,7 @@ import org.apache.zookeeper.ZooKeeper; import org.apache.zookeeper.ZooDefs.Ids; import static com.google.common.base.Charsets.UTF_8; +import org.apache.zookeeper.data.ACL; public class LocalBookKeeper { protected static final Logger LOG = LoggerFactory.getLogger(LocalBookKeeper.class); http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/main/java/org/apache/bookkeeper/util/ZkUtils.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/util/ZkUtils.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/util/ZkUtils.java index f237988..24c0a52 100644 --- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/util/ZkUtils.java +++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/util/ZkUtils.java @@ -26,6 +26,7 @@ import java.io.IOException; import java.util.List; import java.util.concurrent.CountDownLatch; import java.util.concurrent.atomic.AtomicInteger; +import org.apache.bookkeeper.conf.AbstractConfiguration; import org.apache.bookkeeper.proto.BookkeeperInternalCallbacks.GenericCallback; import org.apache.bookkeeper.zookeeper.BoundExponentialBackoffRetryPolicy; @@ -36,6 +37,7 @@ import org.apache.zookeeper.AsyncCallback; import org.apache.zookeeper.KeeperException; import org.apache.zookeeper.AsyncCallback.StringCallback; import org.apache.zookeeper.KeeperException.Code; +import org.apache.zookeeper.ZooDefs; import org.apache.zookeeper.data.ACL; import org.apache.zookeeper.ZooKeeper; import org.slf4j.Logger; @@ -231,4 +233,13 @@ public class ZkUtils { }, null); } + /** + * Compute ZooKeeper ACLs using actual configuration + * + * @param conf Bookie or BookKeeper configuration + */ + public static List<ACL> getACLs(AbstractConfiguration conf) { + return conf.isZkEnableSecurity() ? ZooDefs.Ids.CREATOR_ALL_ACL: ZooDefs.Ids.OPEN_ACL_UNSAFE; + } + } http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/EnableZkSecurityBasicTest.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/EnableZkSecurityBasicTest.java b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/EnableZkSecurityBasicTest.java new file mode 100644 index 0000000..277801f --- /dev/null +++ b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/EnableZkSecurityBasicTest.java @@ -0,0 +1,126 @@ +/* + * Copyright 2016 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.bookkeeper.bookie; + +import java.io.File; +import java.io.IOException; +import java.nio.charset.StandardCharsets; +import java.nio.file.Files; +import java.util.List; +import javax.security.auth.login.Configuration; +import org.apache.bookkeeper.client.BookKeeper; +import org.apache.bookkeeper.client.LedgerHandle; +import org.apache.bookkeeper.conf.ClientConfiguration; +import org.apache.bookkeeper.test.BookKeeperClusterTestCase; +import org.apache.bookkeeper.util.BookKeeperConstants; +import org.apache.bookkeeper.zookeeper.ZooKeeperClient; +import org.apache.zookeeper.KeeperException; +import org.apache.zookeeper.ZooKeeper; +import org.apache.zookeeper.data.ACL; +import org.apache.zookeeper.data.Stat; +import org.junit.AfterClass; +import static org.junit.Assert.assertEquals; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; + +/** + * Test basic functions using secured ZooKeeper + */ +public class EnableZkSecurityBasicTest extends BookKeeperClusterTestCase { + + public EnableZkSecurityBasicTest() { + super(0); + this.baseClientConf.setZkEnableSecurity(true); + this.baseConf.setZkEnableSecurity(true); + } + + @BeforeClass + public static void setupJAAS() throws IOException { + System.setProperty("zookeeper.authProvider.1", "org.apache.zookeeper.server.auth.SASLAuthenticationProvider"); + File tmpJaasDir = new File("target").getAbsoluteFile(); + File tmpJaasFile = new File(tmpJaasDir, "jaas.conf"); + String jassFileContent + = "Server {\n" + + " org.apache.zookeeper.server.auth.DigestLoginModule required\n" + + " user_foo=\"bar\";\n" + + "};\n" + + "\n" + + "Client {\n" + + " org.apache.zookeeper.server.auth.DigestLoginModule required\n" + + " username=\"foo\"\n" + + " password=\"bar\";\n" + + "};"; + Files.write(tmpJaasFile.toPath(), jassFileContent.getBytes(StandardCharsets.UTF_8)); + System.setProperty("java.security.auth.login.config", tmpJaasFile.getAbsolutePath()); + Configuration.getConfiguration().refresh(); + } + + @AfterClass + public static void cleanUpJAAS() { + System.clearProperty("java.security.auth.login.config"); + Configuration.getConfiguration().refresh(); + System.clearProperty("zookeeper.authProvider.1"); + } + + @Test + public void testCreateLedgerAddEntryOnSecureZooKeepeer() throws Exception { + startNewBookie(); + + ClientConfiguration conf = new ClientConfiguration() + .setZkServers(zkUtil.getZooKeeperConnectString()) + .setZkTimeout(20000); + + conf.setZkEnableSecurity(true); + + try (BookKeeper bkc = new BookKeeper(conf);) { + try (LedgerHandle lh = bkc.createLedger(1, 1, 1, BookKeeper.DigestType.CRC32, "testPasswd".getBytes());) { + lh.addEntry("foo".getBytes(StandardCharsets.UTF_8)); + } + } + + checkAllAcls(); + } + + private void checkAllAcls() throws IOException, InterruptedException, KeeperException { + ZooKeeper zk = ZooKeeperClient.newBuilder() + .connectString(zkUtil.getZooKeeperConnectString()) + .sessionTimeoutMs(20000) + .build(); + checkACls(zk, "/"); + zk.close(); + } + + private void checkACls(ZooKeeper zk, String path) throws KeeperException, InterruptedException { + List<String> children = zk.getChildren(path, null); + for (String child : children) { + String fullPath = path.equals("/") ? path + child : path + "/" + child; + List<ACL> acls = zk.getACL(fullPath, new Stat()); + checkACls(zk, fullPath); + + if (!fullPath.startsWith("/zookeeper") // skip zookeeper internal nodes + && !fullPath.equals("/ledgers") // node created by test setup + && !fullPath.equals("/ledgers/" + BookKeeperConstants.AVAILABLE_NODE) // node created by test setup + ) { + assertEquals(1, acls.size()); + assertEquals(31, acls.get(0).getPerms()); + assertEquals(31, acls.get(0).getPerms()); + assertEquals("unexpected ACLS on " + fullPath + ": " + acls.get(0), "foo", acls.get(0).getId().getId()); + assertEquals("unexpected ACLS on " + fullPath + ": " + acls.get(0), "sasl", acls.get(0).getId().getScheme()); + } + } + } +} http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/TestGcOverreplicatedLedger.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/TestGcOverreplicatedLedger.java b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/TestGcOverreplicatedLedger.java index 5004817..2dae0b0 100644 --- a/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/TestGcOverreplicatedLedger.java +++ b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/TestGcOverreplicatedLedger.java @@ -54,6 +54,7 @@ import org.junit.runners.Parameterized; import org.junit.runners.Parameterized.Parameters; import com.google.common.collect.Lists; +import org.apache.zookeeper.ZooDefs; @RunWith(Parameterized.class) public class TestGcOverreplicatedLedger extends LedgerManagerTestCase { @@ -201,7 +202,7 @@ public class TestGcOverreplicatedLedger extends LedgerManagerTestCase { lh.close(); ZkLedgerUnderreplicationManager.acquireUnderreplicatedLedgerLock(zkc, baseConf.getZkLedgersRootPath(), - lh.getId()); + lh.getId(), ZooDefs.Ids.OPEN_ACL_UNSAFE); final CompactableLedgerStorage mockLedgerStorage = new MockLedgerStorage(); final GarbageCollector garbageCollector = new ScanAndCompareGarbageCollector(ledgerManager, mockLedgerStorage, http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/LedgerLayoutTest.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/LedgerLayoutTest.java b/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/LedgerLayoutTest.java index 18a818a..4552e65 100644 --- a/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/LedgerLayoutTest.java +++ b/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/LedgerLayoutTest.java @@ -29,6 +29,7 @@ import org.apache.zookeeper.CreateMode; import org.apache.zookeeper.ZooDefs.Ids; import org.apache.bookkeeper.test.BookKeeperClusterTestCase; import org.apache.bookkeeper.util.BookKeeperConstants; +import org.apache.zookeeper.ZooDefs; import org.junit.Test; import static org.junit.Assert.*; @@ -55,7 +56,7 @@ public class LedgerLayoutTest extends BookKeeperClusterTestCase { int testVersion = 0xdeadbeef; // use layout defined in configuration also create it in zookeeper LedgerLayout layout2 = new LedgerLayout(testName, testVersion); - layout2.store(zkc, ledgerRootPath); + layout2.store(zkc, ledgerRootPath, ZooDefs.Ids.OPEN_ACL_UNSAFE); layout = LedgerLayout.readLayout(zkc, ledgerRootPath); assertEquals(testName, layout.getManagerFactoryClass()); @@ -73,7 +74,7 @@ public class LedgerLayoutTest extends BookKeeperClusterTestCase { f.setAccessible(true); f.set(layout, layoutVersion); - layout.store(zkc, ledgersRootPath); + layout.store(zkc, ledgersRootPath, ZooDefs.Ids.OPEN_ACL_UNSAFE); } @Test(timeout=60000) http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/TestLedgerManager.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/TestLedgerManager.java b/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/TestLedgerManager.java index bc2fd93..62ccb01 100644 --- a/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/TestLedgerManager.java +++ b/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/TestLedgerManager.java @@ -30,6 +30,7 @@ import java.util.concurrent.CyclicBarrier; import java.util.List; import java.util.ArrayList; import java.lang.reflect.Field; +import org.apache.zookeeper.ZooDefs; import org.junit.Test; import org.slf4j.Logger; @@ -54,7 +55,7 @@ public class TestLedgerManager extends BookKeeperClusterTestCase { f.setAccessible(true); f.set(layout, layoutVersion); - layout.store(zkc, ledgersRootPath); + layout.store(zkc, ledgersRootPath, ZooDefs.Ids.OPEN_ACL_UNSAFE); } /** @@ -159,7 +160,7 @@ public class TestLedgerManager extends BookKeeperClusterTestCase { conf.setZkLedgersRootPath(root0); new LedgerLayout("DoesNotExist", - 0xdeadbeef).store(zkc, root0); + 0xdeadbeef).store(zkc, root0, ZooDefs.Ids.OPEN_ACL_UNSAFE); try { LedgerManagerFactory.newLedgerManagerFactory(conf, zkc); @@ -177,7 +178,7 @@ public class TestLedgerManager extends BookKeeperClusterTestCase { conf.setZkLedgersRootPath(root1); new LedgerLayout(FlatLedgerManagerFactory.class.getName(), - 0xdeadbeef).store(zkc, root1); + 0xdeadbeef).store(zkc, root1, ZooDefs.Ids.OPEN_ACL_UNSAFE); try { LedgerManagerFactory.newLedgerManagerFactory(conf, zkc); http://git-wip-us.apache.org/repos/asf/bookkeeper/blob/b30b527b/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/TestZkLedgerIdGenerator.java ---------------------------------------------------------------------- diff --git a/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/TestZkLedgerIdGenerator.java b/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/TestZkLedgerIdGenerator.java index 708fbc7..f9cad2e 100644 --- a/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/TestZkLedgerIdGenerator.java +++ b/bookkeeper-server/src/test/java/org/apache/bookkeeper/meta/TestZkLedgerIdGenerator.java @@ -29,6 +29,7 @@ import junit.framework.TestCase; import org.apache.bookkeeper.proto.BookkeeperInternalCallbacks.GenericCallback; import org.apache.bookkeeper.test.ZooKeeperUtil; import org.apache.zookeeper.KeeperException.Code; +import org.apache.zookeeper.ZooDefs; import org.apache.zookeeper.ZooKeeper; import org.junit.After; import org.junit.Before; @@ -55,7 +56,7 @@ public class TestZkLedgerIdGenerator extends TestCase { zk = zkutil.getZooKeeperClient(); ledgerIdGenerator = new ZkLedgerIdGenerator(zk, - "/test-zk-ledger-id-generator", "idgen"); + "/test-zk-ledger-id-generator", "idgen", ZooDefs.Ids.OPEN_ACL_UNSAFE); } @Override
