Repository: kudu Updated Branches: refs/heads/master 9e40867cc -> ec81bd9d2
[tests] InvalidTokenDuringSeparateWorkloads test Introduced new AuthnTokenExpireITest.InvalidTokenDuringSeparateWorkloads test to cover authn token re-acquiring for both read-only and write-only workloads. This is to stay clear from the implementation details of the TestWorkload class: it uses the same client object for both the read and the write operations, while the authn token is stored as a shared piece of data in the client object. Also, renamed AuthnTokenExpireITest.InvalidTokenDuringWorkload test into AuthnTokenExpireITest.InvalidTokenDuringMixedWorkload. Change-Id: I7982dfd8456791e57663fc05664e40ff205c42a2 Reviewed-on: http://gerrit.cloudera.org:8080/7025 Reviewed-by: Todd Lipcon <[email protected]> Tested-by: Kudu Jenkins Project: http://git-wip-us.apache.org/repos/asf/kudu/repo Commit: http://git-wip-us.apache.org/repos/asf/kudu/commit/ec81bd9d Tree: http://git-wip-us.apache.org/repos/asf/kudu/tree/ec81bd9d Diff: http://git-wip-us.apache.org/repos/asf/kudu/diff/ec81bd9d Branch: refs/heads/master Commit: ec81bd9d28e057ed21528b9132f8acce14640770 Parents: 9e40867 Author: Alexey Serbin <[email protected]> Authored: Tue May 30 17:54:59 2017 -0700 Committer: Alexey Serbin <[email protected]> Committed: Wed May 31 21:53:41 2017 +0000 ---------------------------------------------------------------------- .../authn_token_expire-itest.cc | 71 +++++++++++++++++++- 1 file changed, 68 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/kudu/blob/ec81bd9d/src/kudu/integration-tests/authn_token_expire-itest.cc ---------------------------------------------------------------------- diff --git a/src/kudu/integration-tests/authn_token_expire-itest.cc b/src/kudu/integration-tests/authn_token_expire-itest.cc index cf42852..f21a9bc 100644 --- a/src/kudu/integration-tests/authn_token_expire-itest.cc +++ b/src/kudu/integration-tests/authn_token_expire-itest.cc @@ -239,9 +239,9 @@ class AuthnTokenExpireDuringWorkloadITest : public AuthnTokenExpireITest { } }; -// Run the workload and check that client retries on ERROR_INVALID_AUTH_TOKEN, -// eventually succeeding with its RPCs. -TEST_F(AuthnTokenExpireDuringWorkloadITest, TokenExpiration) { +// Run a mixed write/read test workload and check that client retries the +// FATAL_INVALID_AUTH_TOKEN error, eventually succeeding with every issued RPC. +TEST_F(AuthnTokenExpireDuringWorkloadITest, InvalidTokenDuringMixedWorkload) { static const int32_t kTimeoutMs = 10 * 60 * 1000; if (!AllowSlowTests()) { @@ -276,6 +276,71 @@ TEST_F(AuthnTokenExpireDuringWorkloadITest, TokenExpiration) { NO_FATALS(cluster_->AssertNoCrashes()); } +// Run write-only and scan-only workloads and check that the client retries +// the FATAL_INVALID_AUTH_TOKEN error, eventually succeeding with its RPCs. +// There is also a test for the mixed workload (see above), but we are looking +// at the implementation as a black box: it's impossible to guarantee that the +// read paths are not affected by the write paths since the mixed workload uses +// the same shared client instance for both the read and the write paths. +TEST_F(AuthnTokenExpireDuringWorkloadITest, InvalidTokenDuringSeparateWorkloads) { + const string table_name = "authn-token-expire-separate-workloads"; + static const int32_t kTimeoutMs = 10 * 60 * 1000; + + if (!AllowSlowTests()) { + LOG(WARNING) << "test is skipped; set KUDU_ALLOW_SLOW_TESTS=1 to run"; + return; + } + + ASSERT_OK(cluster_->Start()); + + // Close an already established idle connection to the server and open + // a new one upon making another call to the same server. This is to force + // authn token verification at every RPC. + FLAGS_rpc_reopen_outbound_connections = true; + + // Run the write-only workload first. + TestWorkload w(cluster_.get()); + w.set_table_name(table_name); + w.set_num_replicas(num_tablet_servers_); + w.set_client_default_admin_operation_timeout_millis(kTimeoutMs); + w.set_client_default_rpc_timeout_millis(kTimeoutMs); + w.set_num_replicas(num_tablet_servers_); + w.set_num_read_threads(0); + w.set_num_write_threads(8); + w.set_write_batch_size(256); + w.set_write_timeout_millis(kTimeoutMs); + w.set_write_pattern(TestWorkload::INSERT_SEQUENTIAL_ROWS); + w.Setup(); + w.Start(); + SleepFor(MonoDelta::FromSeconds(3 * token_validity_seconds_)); + w.StopAndJoin(); + + NO_FATALS(cluster_->AssertNoCrashes()); + const int64_t rows_inserted = w.rows_inserted(); + ASSERT_GE(rows_inserted, 0); + + // Run the read-only workload after the test table is populated. + TestWorkload r(cluster_.get()); + r.set_table_name(table_name); + r.set_num_replicas(num_tablet_servers_); + r.set_client_default_admin_operation_timeout_millis(kTimeoutMs); + r.set_client_default_rpc_timeout_millis(kTimeoutMs); + r.set_num_read_threads(8); + r.set_read_timeout_millis(kTimeoutMs); + r.set_num_write_threads(0); + r.Setup(); + r.Start(); + SleepFor(MonoDelta::FromSeconds(3 * token_validity_seconds_)); + r.StopAndJoin(); + + ClusterVerifier v(cluster_.get()); + v.SetOperationsTimeout(MonoDelta::FromSeconds(5 * 60)); + NO_FATALS(v.CheckRowCount(table_name, ClusterVerifier::EXACTLY, rows_inserted)); + ASSERT_OK(r.Cleanup()); + + NO_FATALS(cluster_->AssertNoCrashes()); +} + // Scenarios to verify that the client automatically re-acquires authn token // when receiving ERROR_INVALID_AUTHENTICATION_TOKEN from the servers in case // if the client has established a token-based connection to master server.
