This is an automated email from the ASF dual-hosted git repository.
adoroszlai pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git
The following commit(s) were added to refs/heads/master by this push:
new 221e02293b HDDS-8895. Support dynamic change of
ozone.readonly.administrators in SCM (#4977)
221e02293b is described below
commit 221e02293b55199235bd9f08e94dd398f812495b
Author: z-bb <[email protected]>
AuthorDate: Tue Jun 27 18:13:00 2023 +0800
HDDS-8895. Support dynamic change of ozone.readonly.administrators in SCM
(#4977)
---
.../hdds/scm/server/StorageContainerManager.java | 22 ++++++++++++++++++++--
.../ozone/reconfig/TestScmReconfiguration.java | 15 +++++++++++++++
2 files changed, 35 insertions(+), 2 deletions(-)
diff --git
a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java
b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java
index ae21758c06..79b982cb00 100644
---
a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java
+++
b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java
@@ -197,6 +197,7 @@ import static
org.apache.hadoop.hdds.security.x509.certificate.authority.Certifi
import static org.apache.hadoop.hdds.utils.HddsServerUtil.getRemoteUser;
import static
org.apache.hadoop.hdds.utils.HddsServerUtil.getScmSecurityClientWithMaxRetry;
import static org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_ADMINISTRATORS;
+import static
org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_READONLY_ADMINISTRATORS;
import static org.apache.hadoop.ozone.OzoneConsts.CRL_SEQUENCE_ID_KEY;
import static org.apache.hadoop.ozone.OzoneConsts.SCM_SUB_CA_PREFIX;
import static org.apache.hadoop.ozone.OzoneConsts.SCM_ROOT_CA_COMPONENT_NAME;
@@ -268,7 +269,7 @@ public final class StorageContainerManager extends
ServiceRuntimeInfoImpl
*/
private final String scmStarterUser;
private final OzoneAdmins scmAdmins;
- private OzoneAdmins scmReadOnlyAdmins;
+ private final OzoneAdmins scmReadOnlyAdmins;
/**
* SCM mxbean.
@@ -391,7 +392,9 @@ public final class StorageContainerManager extends
ServiceRuntimeInfoImpl
serviceManager = new SCMServiceManager();
reconfigurationHandler =
new ReconfigurationHandler("SCM", conf, this::checkAdminAccess)
- .register(OZONE_ADMINISTRATORS, this::reconfOzoneAdmins);
+ .register(OZONE_ADMINISTRATORS, this::reconfOzoneAdmins)
+ .register(OZONE_READONLY_ADMINISTRATORS,
+ this::reconfOzoneReadOnlyAdmins);
initializeSystemManagers(conf, configurator);
@@ -2092,6 +2095,10 @@ public final class StorageContainerManager extends
ServiceRuntimeInfoImpl
return scmAdmins.getAdminUsernames();
}
+ public Collection<String> getScmReadOnlyAdminUsernames() {
+ return scmReadOnlyAdmins.getAdminUsernames();
+ }
+
private String reconfOzoneAdmins(String newVal) {
getConfiguration().set(OZONE_ADMINISTRATORS, newVal);
Collection<String> admins = OzoneAdmins.getOzoneAdminsFromConfig(
@@ -2102,6 +2109,17 @@ public final class StorageContainerManager extends
ServiceRuntimeInfoImpl
return String.valueOf(newVal);
}
+ private String reconfOzoneReadOnlyAdmins(String newVal) {
+ getConfiguration().set(OZONE_READONLY_ADMINISTRATORS, newVal);
+ Collection<String> admins = OzoneAdmins.getOzoneReadOnlyAdminsFromConfig(
+ getConfiguration());
+ scmReadOnlyAdmins.setAdminUsernames(admins);
+ LOG.info("Load conf {} : {}, and now read only admins are: {}",
+ OZONE_READONLY_ADMINISTRATORS,
+ newVal, admins);
+ return String.valueOf(newVal);
+ }
+
/**
* This will remove the given SCM node from HA Ring by removing it from
* Ratis Ring.
diff --git
a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/reconfig/TestScmReconfiguration.java
b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/reconfig/TestScmReconfiguration.java
index 21eb93a2c6..2b13986276 100644
---
a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/reconfig/TestScmReconfiguration.java
+++
b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/reconfig/TestScmReconfiguration.java
@@ -29,6 +29,7 @@ import java.util.Set;
import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
import static org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_ADMINISTRATORS;
+import static
org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_READONLY_ADMINISTRATORS;
import static org.junit.jupiter.api.Assertions.assertEquals;
/**
@@ -46,6 +47,7 @@ class TestScmReconfiguration extends ReconfigurationTestBase {
void reconfigurableProperties() {
Set<String> expected = ImmutableSet.<String>builder()
.add(OZONE_ADMINISTRATORS)
+ .add(OZONE_READONLY_ADMINISTRATORS)
.addAll(new ReplicationManagerConfiguration()
.reconfigurableProperties())
.build();
@@ -64,6 +66,19 @@ class TestScmReconfiguration extends ReconfigurationTestBase
{
getCluster().getStorageContainerManager().getScmAdminUsernames());
}
+ @Test
+ void readOnlyAdminUsernames() throws ReconfigurationException {
+ final String newValue = randomAlphabetic(10);
+
+ getSubject().reconfigurePropertyImpl(OZONE_READONLY_ADMINISTRATORS,
+ newValue);
+
+ assertEquals(
+ ImmutableSet.of(newValue),
+ getCluster().getStorageContainerManager()
+ .getScmReadOnlyAdminUsernames());
+ }
+
@Test
void replicationInterval() throws ReconfigurationException {
ReplicationManagerConfiguration config = replicationManagerConfig();
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
