This is an automated email from the ASF dual-hosted git repository.

weichiu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git


The following commit(s) were added to refs/heads/master by this push:
     new e3b590e993 HDDS-11227. Use server default key provider to 
encrypt/decrypt keys from multiple OMs. (#7081)
e3b590e993 is described below

commit e3b590e993fcdcb7bb3cc3ae5af2e3202cfc9f08
Author: SaketaChalamchala <[email protected]>
AuthorDate: Thu Aug 22 10:24:05 2024 -0700

    HDDS-11227. Use server default key provider to encrypt/decrypt keys from 
multiple OMs. (#7081)
    
    Co-authored-by: saketa <[email protected]>
---
 .../org/apache/hadoop/ozone/OzoneConfigKeys.java   |  7 +++
 .../common/src/main/resources/ozone-default.xml    | 13 +++++
 .../apache/hadoop/ozone/client/ObjectStore.java    |  5 ++
 .../ozone/client/protocol/ClientProtocol.java      |  8 +++
 .../apache/hadoop/ozone/client/rpc/RpcClient.java  | 27 +++++++++-
 .../main/java/org/apache/hadoop/ozone/OmUtils.java |  1 +
 .../apache/hadoop/ozone/OzoneFsServerDefaults.java | 59 ++++++++++++++++++++++
 .../ozone/om/protocol/OzoneManagerProtocol.java    |  9 ++++
 ...OzoneManagerProtocolClientSideTranslatorPB.java | 19 +++++++
 .../ozone/client/rpc/OzoneRpcClientTests.java      |  6 +++
 .../ozone/client/rpc/TestSecureOzoneRpcClient.java | 11 ++++
 .../src/main/proto/OmClientProtocol.proto          | 14 +++++
 .../org/apache/hadoop/ozone/om/OzoneManager.java   | 17 +++++++
 .../protocolPB/OzoneManagerRequestHandler.java     |  7 +++
 .../fs/ozone/BasicOzoneClientAdapterImpl.java      |  6 +++
 .../hadoop/fs/ozone/BasicOzoneFileSystem.java      |  6 +++
 .../ozone/BasicRootedOzoneClientAdapterImpl.java   |  6 +++
 .../fs/ozone/BasicRootedOzoneFileSystem.java       |  6 +++
 .../apache/hadoop/fs/ozone/OzoneClientAdapter.java |  3 ++
 .../hadoop/ozone/client/ClientProtocolStub.java    |  6 +++
 20 files changed, 234 insertions(+), 2 deletions(-)

diff --git 
a/hadoop-hdds/common/src/main/java/org/apache/hadoop/ozone/OzoneConfigKeys.java 
b/hadoop-hdds/common/src/main/java/org/apache/hadoop/ozone/OzoneConfigKeys.java
index a1547a536b..c61502ff4a 100644
--- 
a/hadoop-hdds/common/src/main/java/org/apache/hadoop/ozone/OzoneConfigKeys.java
+++ 
b/hadoop-hdds/common/src/main/java/org/apache/hadoop/ozone/OzoneConfigKeys.java
@@ -583,6 +583,13 @@ public final class OzoneConfigKeys {
   public static final boolean OZONE_CLIENT_KEY_LATEST_VERSION_LOCATION_DEFAULT 
=
       true;
 
+  public static final String OZONE_CLIENT_SERVER_DEFAULTS_VALIDITY_PERIOD_MS =
+      "ozone.client.server-defaults.validity.period.ms";
+
+  public static final long
+      OZONE_CLIENT_SERVER_DEFAULTS_VALIDITY_PERIOD_MS_DEFAULT =
+      TimeUnit.HOURS.toMillis(1); // 1 hour
+
   public static final String OZONE_FLEXIBLE_FQDN_RESOLUTION_ENABLED =
           "ozone.network.flexible.fqdn.resolution.enabled";
   public static final boolean OZONE_FLEXIBLE_FQDN_RESOLUTION_ENABLED_DEFAULT =
diff --git a/hadoop-hdds/common/src/main/resources/ozone-default.xml 
b/hadoop-hdds/common/src/main/resources/ozone-default.xml
index ee060bf7eb..20c1bed89b 100644
--- a/hadoop-hdds/common/src/main/resources/ozone-default.xml
+++ b/hadoop-hdds/common/src/main/resources/ozone-default.xml
@@ -3571,6 +3571,19 @@
     </description>
   </property>
 
+  <property>
+    <name>ozone.client.server-defaults.validity.period.ms</name>
+    <tag>OZONE, CLIENT, SECURITY</tag>
+    <value>3600000</value>
+    <description>
+      The amount of milliseconds after which cached server defaults are 
updated.
+
+      By default this parameter is set to 1 hour.
+      Support multiple time unit suffix(case insensitive).
+      If no time unit is specified then milliseconds is assumed.
+    </description>
+  </property>
+
   <property>
     <name>ozone.scm.info.wait.duration</name>
     <tag>OZONE, SCM, OM</tag>
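Review bot: The new property's description does not say what the cached "server defaults" contain. Judging from the rest of this commit they carry the KMS key provider URI advertised by the Ozone Manager, so this value bounds how long a client keeps talking to an old KMS endpoint after the URI is changed on the OM. I would add a sentence such as `The cached defaults include the key provider (KMS) URI advertised by the Ozone Manager; a changed URI is picked up by a client only after this period has elapsed.` The property name ends in `.ms` while the text advertises unit suffixes, which deserves a clarifying word as well.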
diff --git 
a/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/ObjectStore.java
 
b/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/ObjectStore.java
index e77f5580cc..65dce09cba 100644
--- 
a/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/ObjectStore.java
+++ 
b/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/ObjectStore.java
@@ -34,6 +34,7 @@ import org.apache.hadoop.io.Text;
 import org.apache.hadoop.ozone.OmUtils;
 import org.apache.hadoop.ozone.OzoneAcl;
 import org.apache.hadoop.ozone.OzoneConfigKeys;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.client.protocol.ClientProtocol;
 import org.apache.hadoop.ozone.om.exceptions.OMException;
 import org.apache.hadoop.ozone.om.helpers.BucketLayout;
@@ -391,6 +392,10 @@ public class ObjectStore {
     proxy.deleteVolume(volumeName);
   }
 
+  public OzoneFsServerDefaults getServerDefaults() throws IOException {
+    return proxy.getServerDefaults();
+  }
+
   public KeyProvider getKeyProvider() throws IOException {
     return proxy.getKeyProvider();
   }
diff --git 
a/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/protocol/ClientProtocol.java
 
b/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/protocol/ClientProtocol.java
index 68812a7eb4..16211ebbb8 100644
--- 
a/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/protocol/ClientProtocol.java
+++ 
b/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/protocol/ClientProtocol.java
@@ -32,6 +32,7 @@ import org.apache.hadoop.hdds.protocol.DatanodeDetails;
 import org.apache.hadoop.hdds.protocol.StorageType;
 import org.apache.hadoop.io.Text;
 import org.apache.hadoop.ozone.OzoneAcl;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.client.BucketArgs;
 import org.apache.hadoop.ozone.client.OzoneBucket;
 import org.apache.hadoop.ozone.client.OzoneKey;
@@ -858,6 +859,13 @@ public interface ClientProtocol {
    */
   TenantStateList listTenant() throws IOException;
 
+  /**
+   * Get server default values for a number of configuration params.
+   * @return Default configuration from the server.
+   * @throws IOException
+   */
+  OzoneFsServerDefaults getServerDefaults() throws IOException;
+
   /**
    * Get KMS client provider.
    * @return KMS client provider.
diff --git 
a/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/RpcClient.java
 
b/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/RpcClient.java
index 8445f9e695..bfeb9c1e6c 100644
--- 
a/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/RpcClient.java
+++ 
b/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/RpcClient.java
@@ -34,6 +34,7 @@ import org.apache.hadoop.crypto.CryptoOutputStream;
 import org.apache.hadoop.crypto.key.KeyProvider;
 import org.apache.hadoop.fs.FileEncryptionInfo;
 import org.apache.hadoop.fs.Syncable;
+import org.apache.hadoop.util.Time;
 import org.apache.hadoop.hdds.client.DefaultReplicationConfig;
 import org.apache.hadoop.hdds.client.ECReplicationConfig;
 import org.apache.hadoop.hdds.client.ReplicationConfig;
@@ -61,6 +62,7 @@ import org.apache.hadoop.hdds.utils.IOUtils;
 import org.apache.hadoop.io.ByteBufferPool;
 import org.apache.hadoop.io.ElasticByteBufferPool;
 import org.apache.hadoop.io.Text;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.OzoneAcl;
 import org.apache.hadoop.ozone.OzoneConfigKeys;
 import org.apache.hadoop.ozone.OzoneConsts;
@@ -178,6 +180,8 @@ import static 
org.apache.hadoop.ozone.OzoneAcl.AclScope.ACCESS;
 import static 
org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_CLIENT_KEY_PROVIDER_CACHE_EXPIRY;
 import static 
org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_CLIENT_KEY_PROVIDER_CACHE_EXPIRY_DEFAULT;
 import static 
org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_CLIENT_REQUIRED_OM_VERSION_MIN_KEY;
+import static 
org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_CLIENT_SERVER_DEFAULTS_VALIDITY_PERIOD_MS;
+import static 
org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_CLIENT_SERVER_DEFAULTS_VALIDITY_PERIOD_MS_DEFAULT;
 import static 
org.apache.hadoop.ozone.OzoneConsts.MAXIMUM_NUMBER_OF_PARTS_PER_UPLOAD;
 import static org.apache.hadoop.ozone.OzoneConsts.OLD_QUOTA_DEFAULT;
 import static 
org.apache.hadoop.ozone.OzoneConsts.OZONE_MAXIMUM_ACCESS_ID_LENGTH;
@@ -224,6 +228,9 @@ public class RpcClient implements ClientProtocol {
   private final ContainerClientMetrics clientMetrics;
   private final MemoizedSupplier<ExecutorService> writeExecutor;
   private final AtomicBoolean isS3GRequest = new AtomicBoolean(false);
+  private volatile OzoneFsServerDefaults serverDefaults;
+  private volatile long serverDefaultsLastUpdate;
+  private final long serverDefaultsValidityPeriod;
 
   /**
    * Creates RpcClient instance with the given configuration.
@@ -330,6 +337,11 @@ public class RpcClient implements ClientProtocol {
         .getInstance(byteBufferPool, ecReconstructExecutor);
     this.clientMetrics = ContainerClientMetrics.acquire();
 
+    this.serverDefaultsValidityPeriod = conf.getTimeDuration(
+        OZONE_CLIENT_SERVER_DEFAULTS_VALIDITY_PERIOD_MS,
+        OZONE_CLIENT_SERVER_DEFAULTS_VALIDITY_PERIOD_MS_DEFAULT,
+        TimeUnit.MILLISECONDS);
+
     TracingUtil.initTracing("client", conf);
   }
 
@@ -2591,11 +2603,22 @@ public class RpcClient implements ClientProtocol {
     }
   }
 
+  @Override
+  public OzoneFsServerDefaults getServerDefaults() throws IOException {
+    long now = Time.monotonicNow();
+    if ((serverDefaults == null) ||
+        (now - serverDefaultsLastUpdate > serverDefaultsValidityPeriod)) {
+      serverDefaults = ozoneManagerClient.getServerDefaults();
+      serverDefaultsLastUpdate = now;
+    }
+    assert serverDefaults != null;
+    return serverDefaults;
+  }
+
   @Override
   public URI getKeyProviderUri() throws IOException {
-    // TODO: fix me to support kms instances for difference OMs
     return OzoneKMSUtil.getKeyProviderUri(ugi,
-        null, null, conf);
+        null, getServerDefaults().getKeyProviderUri(), conf);
   }
 
   @Override
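Review bot: `getKeyProviderUri()` now needs a successful `GetServerDefaults` round trip before it can return anything, so a client talking to an OM that predates this request type will presumably get an `IOException` where the old code resolved the URI locally. If mixed-version clusters are supported, gate the call on the OM's advertised version or handle the unsupported-request failure explicitly, and state in a comment whether the OM-supplied URI or the client's own configuration wins. Separately, `assert serverDefaults != null;` in `getServerDefaults()` does nothing unless the JVM runs with `-ea`. Reading the field once into a local (`OzoneFsServerDefaults cached = serverDefaults;`) and returning that local avoids re-reading the volatile and makes the null handling explicit.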
diff --git 
a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OmUtils.java 
b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OmUtils.java
index bf27d7afb6..11f176362a 100644
--- a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OmUtils.java
+++ b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OmUtils.java
@@ -274,6 +274,7 @@ public final class OmUtils {
     case SetSafeMode:
     case PrintCompactionLogDag:
     case GetSnapshotInfo:
+    case GetServerDefaults:
       return true;
     case CreateVolume:
     case SetVolumeProperty:
diff --git 
a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OzoneFsServerDefaults.java
 
b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OzoneFsServerDefaults.java
new file mode 100644
index 0000000000..782fa88e8d
--- /dev/null
+++ 
b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OzoneFsServerDefaults.java
@@ -0,0 +1,59 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.ozone;
+
+import org.apache.hadoop.fs.FsServerDefaults;
+import org.apache.hadoop.hdds.annotation.InterfaceAudience;
+import org.apache.hadoop.hdds.annotation.InterfaceStability;
+
+import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.FsServerDefaultsProto;
+import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.FsServerDefaultsProto.Builder;
+
+
+/****************************************************
+ * Provides server default configuration values to clients.
+ *
+ ****************************************************/
[email protected]
[email protected]
+public class OzoneFsServerDefaults extends FsServerDefaults {
+
+  public OzoneFsServerDefaults() {
+  }
+
+  public OzoneFsServerDefaults(String keyProviderUri) {
+    super(0L, 0, 0, (short)0, 0, false, 0L, null, keyProviderUri);
+  }
+
+  public FsServerDefaultsProto getProtobuf() {
+    Builder builder = FsServerDefaultsProto.newBuilder();
+    if (getKeyProviderUri() != null) {
+      builder.setKeyProviderUri(getKeyProviderUri());
+    }
+    return builder.build();
+  }
+
+  public static OzoneFsServerDefaults getFromProtobuf(
+      FsServerDefaultsProto serverDefaults) {
+    String keyProviderUri = null;
+    if (serverDefaults.hasKeyProviderUri()) {
+      keyProviderUri = serverDefaults.getKeyProviderUri();
+    }
+    return new OzoneFsServerDefaults(keyProviderUri);
+  }
+}
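Review bot: The one-argument constructor fills every inherited `FsServerDefaults` field with `0`, `false` or `null`, and this commit also returns the object from `BasicOzoneFileSystem.getServerDefaults()` and `BasicRootedOzoneFileSystem.getServerDefaults()`. Generic Hadoop callers that read block size, replication or checksum type from it would therefore presumably see placeholders rather than real defaults. Either populate those fields from the OM configuration or document the limitation on the class, e.g. `/** Only keyProviderUri is populated; every other FsServerDefaults field is a placeholder. */`. The public constructors, `getProtobuf()` and `getFromProtobuf()` have no Javadoc either; a line each saying that an unset `keyProviderUri` round-trips as `null` would help.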
diff --git 
a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/protocol/OzoneManagerProtocol.java
 
b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/protocol/OzoneManagerProtocol.java
index 5f592663da..45922c107c 100644
--- 
a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/protocol/OzoneManagerProtocol.java
+++ 
b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/protocol/OzoneManagerProtocol.java
@@ -28,6 +28,7 @@ import jakarta.annotation.Nonnull;
 import org.apache.hadoop.fs.SafeModeAction;
 import org.apache.hadoop.hdds.scm.container.common.helpers.ExcludeList;
 import org.apache.hadoop.ozone.OzoneAcl;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.om.IOmMetadataReader;
 import org.apache.hadoop.ozone.om.OMConfigKeys;
 import org.apache.hadoop.ozone.om.exceptions.OMException;
@@ -1178,4 +1179,12 @@ public interface OzoneManagerProtocol
    */
   boolean setSafeMode(SafeModeAction action, boolean isChecked)
       throws IOException;
+
+  /**
+   * Get server default configurations.
+   *
+   * @return OzoneFsServerDefaults some default configurations from server.
+   * @throws IOException
+   */
+  OzoneFsServerDefaults getServerDefaults() throws IOException;
 }
diff --git 
a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/protocolPB/OzoneManagerProtocolClientSideTranslatorPB.java
 
b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/protocolPB/OzoneManagerProtocolClientSideTranslatorPB.java
index 9a965b7c3d..f70beed5f2 100644
--- 
a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/protocolPB/OzoneManagerProtocolClientSideTranslatorPB.java
+++ 
b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/protocolPB/OzoneManagerProtocolClientSideTranslatorPB.java
@@ -41,6 +41,7 @@ import org.apache.hadoop.io.Text;
 import org.apache.hadoop.ipc.CallerContext;
 import org.apache.hadoop.ozone.ClientVersion;
 import org.apache.hadoop.ozone.OzoneAcl;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.om.exceptions.OMException;
 import org.apache.hadoop.ozone.om.helpers.BasicOmKeyInfo;
 import org.apache.hadoop.ozone.om.helpers.ErrorInfo;
@@ -197,6 +198,8 @@ import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.RevokeS
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.S3Authentication;
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.S3Secret;
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.SafeMode;
+import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.ServerDefaultsRequest;
+import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.ServerDefaultsResponse;
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.ServiceListRequest;
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.ServiceListResponse;
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.SetAclRequest;
@@ -2644,6 +2647,22 @@ public final class 
OzoneManagerProtocolClientSideTranslatorPB
     return setSafeModeResponse.getResponse();
   }
 
+  @Override
+  public OzoneFsServerDefaults getServerDefaults()
+      throws IOException {
+    ServerDefaultsRequest serverDefaultsRequest =
+        ServerDefaultsRequest.newBuilder().build();
+
+    OMRequest omRequest = createOMRequest(Type.GetServerDefaults)
+        .setServerDefaultsRequest(serverDefaultsRequest).build();
+
+    ServerDefaultsResponse serverDefaultsResponse =
+        handleError(submitRequest(omRequest)).getServerDefaultsResponse();
+
+    return OzoneFsServerDefaults.getFromProtobuf(
+        serverDefaultsResponse.getServerDefaults());
+  }
+
   private SafeMode toProtoBuf(SafeModeAction action) {
     switch (action) {
     case ENTER:
diff --git 
a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/OzoneRpcClientTests.java
 
b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/OzoneRpcClientTests.java
index 30597fc3e7..eb9f35f518 100644
--- 
a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/OzoneRpcClientTests.java
+++ 
b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/OzoneRpcClientTests.java
@@ -4908,6 +4908,12 @@ abstract class OzoneRpcClientTests extends OzoneTestBase 
{
     assertThat(omSMLog.getOutput()).contains("Failed to write, Exception 
occurred");
   }
 
+  @Test
+  public void testGetServerDefaults() throws IOException {
+    assertNotNull(getClient().getProxy().getServerDefaults());
+    assertNull(getClient().getProxy().getServerDefaults().getKeyProviderUri());
+  }
+
   private static class OMRequestHandlerPauseInjector extends FaultInjector {
     private CountDownLatch ready;
     private CountDownLatch wait;
diff --git 
a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/TestSecureOzoneRpcClient.java
 
b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/TestSecureOzoneRpcClient.java
index 773f6be966..958a37380c 100644
--- 
a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/TestSecureOzoneRpcClient.java
+++ 
b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/TestSecureOzoneRpcClient.java
@@ -99,6 +99,8 @@ import static org.junit.jupiter.api.Assertions.assertThrows;
  */
 class TestSecureOzoneRpcClient extends OzoneRpcClientTests {
 
+  private static String keyProviderUri = "kms://http@kms:9600/kms";
+
   @BeforeAll
   public static void init() throws Exception {
     File testDir = GenericTestUtils.getTestDir(
@@ -120,6 +122,8 @@ class TestSecureOzoneRpcClient extends OzoneRpcClientTests {
     conf.set(OMConfigKeys.OZONE_DEFAULT_BUCKET_LAYOUT,
         OMConfigKeys.OZONE_BUCKET_LAYOUT_OBJECT_STORE);
     conf.setBoolean(OzoneConfigKeys.OZONE_FS_HSYNC_ENABLED, true);
+    conf.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH,
+        keyProviderUri);
     MiniOzoneCluster.Builder builder = MiniOzoneCluster.newBuilder(conf)
         .setCertificateClient(certificateClientTest)
         .setSecretKeyClient(new SecretKeyTestClient());
@@ -433,6 +437,13 @@ class TestSecureOzoneRpcClient extends OzoneRpcClientTests 
{
   public void testZReadKeyWithUnhealthyContainerReplica() {
   }
 
+  @Test
+  public void testGetServerDefaults() throws IOException {
+    assertNotNull(getClient().getProxy().getServerDefaults());
+    assertEquals(keyProviderUri,
+        getClient().getProxy().getServerDefaults().getKeyProviderUri());
+  }
+
   @AfterAll
   public static void shutdown() throws IOException {
     shutdownCluster();
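Review bot: `testGetServerDefaults` pins only the value returned by `getServerDefaults()`; nothing in it calls `getKeyProviderUri()`, which is the client path this commit actually changes, and nothing exercises the validity-period refresh in `RpcClient`. An extra assertion that the URI returned by `getClient().getProxy().getKeyProviderUri()` matches `keyProviderUri` would cover the first gap, assuming no credential-supplied provider overrides it in this setup. The field added in the first hunk of this file is never reassigned and reads as a constant, so `private static final String KEY_PROVIDER_URI = "kms://http@kms:9600/kms";` would be the conventional form.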
diff --git 
a/hadoop-ozone/interface-client/src/main/proto/OmClientProtocol.proto 
b/hadoop-ozone/interface-client/src/main/proto/OmClientProtocol.proto
index 4bdfa97b93..9e0f729be4 100644
--- a/hadoop-ozone/interface-client/src/main/proto/OmClientProtocol.proto
+++ b/hadoop-ozone/interface-client/src/main/proto/OmClientProtocol.proto
@@ -149,6 +149,7 @@ enum Type {
   RenameSnapshot = 131;
   ListOpenFiles = 132;
   QuotaRepair = 133;
+  GetServerDefaults = 134;
 }
 
 enum SafeMode {
@@ -287,6 +288,7 @@ message OMRequest {
   optional RenameSnapshotRequest            RenameSnapshotRequest          = 
129;
   optional ListOpenFilesRequest             ListOpenFilesRequest           = 
130;
   optional QuotaRepairRequest               QuotaRepairRequest             = 
131;
+  optional ServerDefaultsRequest            ServerDefaultsRequest          = 
132;
 }
 
 message OMResponse {
@@ -412,6 +414,7 @@ message OMResponse {
   optional RenameSnapshotResponse            RenameSnapshotResponse        = 
132;
   optional ListOpenFilesResponse             ListOpenFilesResponse         = 
133;
   optional QuotaRepairResponse            QuotaRepairResponse        = 134;
+  optional ServerDefaultsResponse            ServerDefaultsResponse        = 
135;
 }
 
 enum Status {
@@ -2202,6 +2205,17 @@ message BucketQuotaCount {
 message QuotaRepairResponse {
 }
 
+message ServerDefaultsRequest {
+}
+
+message FsServerDefaultsProto {
+  optional string keyProviderUri = 1;
+}
+
+message ServerDefaultsResponse {
+  required FsServerDefaultsProto serverDefaults = 1;
+}
+
 message OMLockDetailsProto {
   optional bool isLockAcquired = 1;
   optional uint64 waitLockNanos    = 2;
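Review bot: `required FsServerDefaultsProto serverDefaults = 1;` in the new `ServerDefaultsResponse` means any response that omits the field will fail to parse on every peer that still has this definition, so the field can never be dropped or made conditional later. Since the message is new, `optional FsServerDefaultsProto serverDefaults = 1;` costs nothing today. The client-side translator already tolerates a missing `keyProviderUri` through `hasKeyProviderUri()`, and the same style of presence check would work for the wrapper message.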
diff --git 
a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
 
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
index 9ceb9bb96d..a514262cae 100644
--- 
a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
+++ 
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
@@ -26,6 +26,7 @@ import java.io.OutputStreamWriter;
 import java.io.UncheckedIOException;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
+import java.net.URI;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
@@ -90,6 +91,7 @@ import org.apache.hadoop.hdds.server.OzoneAdmins;
 import org.apache.hadoop.hdds.utils.db.Table;
 import org.apache.hadoop.hdds.utils.db.Table.KeyValue;
 import org.apache.hadoop.hdds.utils.db.TableIterator;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.OzoneManagerVersion;
 import org.apache.hadoop.ozone.audit.OMSystemAction;
 import org.apache.hadoop.ozone.om.helpers.LeaseKeyInfo;
@@ -187,6 +189,7 @@ import 
org.apache.hadoop.ozone.om.protocolPB.OMAdminProtocolClientSideImpl;
 import org.apache.hadoop.ozone.om.protocolPB.OMAdminProtocolPB;
 import org.apache.hadoop.ozone.om.protocolPB.OzoneManagerProtocolPB;
 import org.apache.hadoop.hdds.security.exception.OzoneSecurityException;
+import org.apache.hadoop.hdds.utils.LegacyHadoopConfigurationSource;
 import org.apache.hadoop.hdds.utils.TransactionInfo;
 import org.apache.hadoop.ozone.om.ratis.OzoneManagerRatisServer;
 import org.apache.hadoop.ozone.om.ratis.utils.OzoneManagerRatisUtils;
@@ -434,6 +437,7 @@ public final class OzoneManager extends 
ServiceRuntimeInfoImpl
   private List<RatisDropwizardExports.MetricReporter> ratisReporterList = null;
 
   private KeyProviderCryptoExtension kmsProvider;
+  private OzoneFsServerDefaults serverDefaults;
   private final OMLayoutVersionManager versionManager;
 
   private final ReplicationConfigValidator replicationConfigValidator;
@@ -651,6 +655,14 @@ public final class OzoneManager extends 
ServiceRuntimeInfoImpl
       kmsProvider = null;
       LOG.error("Fail to create Key Provider");
     }
+    Configuration hadoopConfig =
+        LegacyHadoopConfigurationSource.asHadoopConfiguration(configuration);
+    URI keyProviderUri = KMSUtil.getKeyProviderUri(
+            hadoopConfig,
+            CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH);
+    String keyProviderUriStr =
+        (keyProviderUri != null) ? keyProviderUri.toString() : null;
+    serverDefaults = new OzoneFsServerDefaults(keyProviderUriStr);
     if (secConfig.isSecurityEnabled()) {
       omComponent = OM_DAEMON + "-" + omId;
       HddsProtos.OzoneManagerDetailsProto omInfo =
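Review bot: The key provider URI is resolved outside the error handling that precedes it: the lines just above tolerate a key-provider failure by logging and setting `kmsProvider = null`, whereas a malformed value under `HADOOP_SECURITY_KEY_PROVIDER_PATH` would presumably make `KMSUtil.getKeyProviderUri` throw here and abort OM start-up. If that asymmetry is intended, a comment should say so; otherwise catch the failure, log it, and advertise a `null` URI. The value is also computed only once, so a comment such as `// Advertised to clients via GetServerDefaults; changing the KMS URI requires an OM restart.` would record that. The enclosing block starts and ends outside this hunk, so I cannot tell whether `serverDefaults` could be declared `final`.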
@@ -4768,6 +4780,11 @@ public final class OzoneManager extends 
ServiceRuntimeInfoImpl
     }
   }
 
+  @Override
+  public OzoneFsServerDefaults getServerDefaults() {
+    return serverDefaults;
+  }
+
   /**
    * Write down Layout version of a finalized feature to DB on finalization.
    * @param lvm OMLayoutVersionManager
diff --git 
a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/protocolPB/OzoneManagerRequestHandler.java
 
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/protocolPB/OzoneManagerRequestHandler.java
index eb9410501f..a5e94689ae 100644
--- 
a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/protocolPB/OzoneManagerRequestHandler.java
+++ 
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/protocolPB/OzoneManagerRequestHandler.java
@@ -133,6 +133,7 @@ import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.Service
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.SetSafeModeRequest;
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.SetSafeModeResponse;
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.GetS3VolumeContextResponse;
+import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.ServerDefaultsResponse;
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.Status;
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.SnapshotDiffRequest;
 import 
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.SnapshotDiffResponse;
@@ -383,6 +384,12 @@ public class OzoneManagerRequestHandler implements 
RequestHandler {
             getSnapshotInfo(request.getSnapshotInfoRequest());
         responseBuilder.setSnapshotInfoResponse(snapshotInfoResponse);
         break;
+      case GetServerDefaults:
+        responseBuilder.setServerDefaultsResponse(
+            ServerDefaultsResponse.newBuilder()
+                .setServerDefaults(impl.getServerDefaults().getProtobuf())
+                .build());
+        break;
       default:
         responseBuilder.setSuccess(false);
         responseBuilder.setMessage("Unrecognized Command Type: " + cmdType);
diff --git 
a/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicOzoneClientAdapterImpl.java
 
b/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicOzoneClientAdapterImpl.java
index 658685779e..df8ece0348 100644
--- 
a/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicOzoneClientAdapterImpl.java
+++ 
b/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicOzoneClientAdapterImpl.java
@@ -55,6 +55,7 @@ import org.apache.hadoop.hdfs.protocol.SnapshotDiffReport;
 import org.apache.hadoop.io.Text;
 import org.apache.hadoop.ozone.OmUtils;
 import org.apache.hadoop.ozone.OzoneConfigKeys;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.client.ObjectStore;
 import org.apache.hadoop.ozone.client.OzoneBucket;
 import org.apache.hadoop.ozone.client.OzoneClient;
@@ -463,6 +464,11 @@ public class BasicOzoneClientAdapterImpl implements 
OzoneClientAdapter {
 
   }
 
+  @Override
+  public OzoneFsServerDefaults getServerDefaults() throws IOException {
+    return objectStore.getServerDefaults();
+  }
+
   @Override
   public KeyProvider getKeyProvider() throws IOException {
     return objectStore.getKeyProvider();
diff --git 
a/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicOzoneFileSystem.java
 
b/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicOzoneFileSystem.java
index aabf17d086..f25d901147 100644
--- 
a/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicOzoneFileSystem.java
+++ 
b/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicOzoneFileSystem.java
@@ -44,6 +44,7 @@ import org.apache.hadoop.hdds.conf.OzoneConfiguration;
 import org.apache.hadoop.hdds.conf.StorageUnit;
 import org.apache.hadoop.hdds.utils.LegacyHadoopConfigurationSource;
 import org.apache.hadoop.ozone.OzoneConfigKeys;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.client.io.SelectorOutputStream;
 import org.apache.hadoop.ozone.om.exceptions.OMException;
 import org.apache.hadoop.ozone.om.helpers.OzoneFSUtils;
@@ -865,6 +866,11 @@ public class BasicOzoneFileSystem extends FileSystem {
     return adapter.getDefaultReplication();
   }
 
+  @Override
+  public OzoneFsServerDefaults getServerDefaults() throws IOException {
+    return adapter.getServerDefaults();
+  }
+
   @Override
   public void copyFromLocalFile(boolean delSrc, boolean overwrite, Path[] srcs,
       Path dst) throws IOException {
diff --git 
a/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicRootedOzoneClientAdapterImpl.java
 
b/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicRootedOzoneClientAdapterImpl.java
index bb2725063e..14c297d9f4 100644
--- 
a/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicRootedOzoneClientAdapterImpl.java
+++ 
b/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicRootedOzoneClientAdapterImpl.java
@@ -64,6 +64,7 @@ import org.apache.hadoop.io.Text;
 import org.apache.hadoop.ozone.OFSPath;
 import org.apache.hadoop.ozone.OmUtils;
 import org.apache.hadoop.ozone.OzoneConfigKeys;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.client.ObjectStore;
 import org.apache.hadoop.ozone.client.OzoneBucket;
 import org.apache.hadoop.ozone.client.OzoneClient;
@@ -963,6 +964,11 @@ public class BasicRootedOzoneClientAdapterImpl
     return objectStore;
   }
 
+  @Override
+  public OzoneFsServerDefaults getServerDefaults() throws IOException {
+    return objectStore.getServerDefaults();
+  }
+
   @Override
   public KeyProvider getKeyProvider() throws IOException {
     return objectStore.getKeyProvider();
diff --git 
a/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicRootedOzoneFileSystem.java
 
b/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicRootedOzoneFileSystem.java
index 55d8e37c46..eb346b5edc 100644
--- 
a/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicRootedOzoneFileSystem.java
+++ 
b/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/BasicRootedOzoneFileSystem.java
@@ -48,6 +48,7 @@ import 
org.apache.hadoop.hdds.utils.LegacyHadoopConfigurationSource;
 import org.apache.hadoop.hdfs.protocol.SnapshotDiffReport;
 import org.apache.hadoop.ozone.OFSPath;
 import org.apache.hadoop.ozone.OzoneConfigKeys;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.client.OzoneBucket;
 import org.apache.hadoop.ozone.client.OzoneVolume;
 import org.apache.hadoop.ozone.client.io.SelectorOutputStream;
@@ -1107,6 +1108,11 @@ public class BasicRootedOzoneFileSystem extends 
FileSystem {
     return adapter.getDefaultReplication();
   }
 
+  @Override
+  public OzoneFsServerDefaults getServerDefaults() throws IOException {
+    return adapter.getServerDefaults();
+  }
+
   @Override
   public void copyFromLocalFile(boolean delSrc, boolean overwrite, Path[] srcs,
       Path dst) throws IOException {
diff --git 
a/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/OzoneClientAdapter.java
 
b/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/OzoneClientAdapter.java
index 7e78d6650e..e468ac498c 100644
--- 
a/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/OzoneClientAdapter.java
+++ 
b/hadoop-ozone/ozonefs-common/src/main/java/org/apache/hadoop/fs/ozone/OzoneClientAdapter.java
@@ -28,6 +28,7 @@ import org.apache.hadoop.fs.FileChecksum;
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.fs.SafeModeAction;
 import org.apache.hadoop.hdfs.protocol.SnapshotDiffReport;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.om.helpers.LeaseKeyInfo;
 import org.apache.hadoop.ozone.om.helpers.OmKeyArgs;
 import org.apache.hadoop.ozone.om.helpers.OmKeyLocationInfo;
@@ -74,6 +75,8 @@ public interface OzoneClientAdapter {
 
   Token<OzoneTokenIdentifier> getDelegationToken(String renewer)
       throws IOException;
+  
+  OzoneFsServerDefaults getServerDefaults() throws IOException;
 
   KeyProvider getKeyProvider() throws IOException;
 
diff --git 
a/hadoop-ozone/s3gateway/src/test/java/org/apache/hadoop/ozone/client/ClientProtocolStub.java
 
b/hadoop-ozone/s3gateway/src/test/java/org/apache/hadoop/ozone/client/ClientProtocolStub.java
index 21c3f8358f..41876c6e24 100644
--- 
a/hadoop-ozone/s3gateway/src/test/java/org/apache/hadoop/ozone/client/ClientProtocolStub.java
+++ 
b/hadoop-ozone/s3gateway/src/test/java/org/apache/hadoop/ozone/client/ClientProtocolStub.java
@@ -27,6 +27,7 @@ import org.apache.hadoop.hdds.client.ReplicationType;
 import org.apache.hadoop.hdds.protocol.DatanodeDetails;
 import org.apache.hadoop.hdds.protocol.StorageType;
 import org.apache.hadoop.io.Text;
+import org.apache.hadoop.ozone.OzoneFsServerDefaults;
 import org.apache.hadoop.ozone.OzoneAcl;
 import org.apache.hadoop.ozone.client.io.OzoneDataStreamOutput;
 import org.apache.hadoop.ozone.client.io.OzoneInputStream;
@@ -504,6 +505,11 @@ public class ClientProtocolStub implements ClientProtocol {
     return null;
   }
 
+  @Override
+  public OzoneFsServerDefaults getServerDefaults() throws IOException {
+    return null;
+  }
+
   @Override
   public KeyProvider getKeyProvider() throws IOException {
     return null;

