RANGER-618 : KMS gets slower in key creation once Database grows Signed-off-by: Velmurugan Periasamy <[email protected]>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/e4f7fa92 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/e4f7fa92 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/e4f7fa92 Branch: refs/heads/HDP-2.3.2-groupid Commit: e4f7fa9254ed75798717caecc3ff49faab948148 Parents: cabac2c Author: Gautam Borad <[email protected]> Authored: Tue Aug 18 16:27:14 2015 +0530 Committer: Velmurugan Periasamy <[email protected]> Committed: Sun Sep 6 10:17:58 2015 -0400 ---------------------------------------------------------------------- .../hadoop/crypto/key/RangerKeyStore.java | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e4f7fa92/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java ---------------------------------------------------------------------- diff --git a/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java b/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java index dc8efde..ff82f53 100644 --- a/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java +++ b/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java @@ -83,6 +83,7 @@ public class RangerKeyStore extends KeyStoreSpi { } private Hashtable<String, Object> keyEntries = new Hashtable<String, Object>(); + private Hashtable<String, Object> deltaEntries = new Hashtable<String, Object>(); RangerKeyStore() { } @@ -136,7 +137,7 @@ public class RangerKeyStore extends KeyStoreSpi { public void addKeyEntry(String alias, Key key, char[] password, String cipher, int bitLength, String description, int version, String attributes) throws KeyStoreException { - synchronized(keyEntries) { + synchronized(deltaEntries) { try { Class<?> c = null; @@ -163,7 +164,8 @@ public class RangerKeyStore extends KeyStoreSpi { entry.description = description; entry.version = version; entry.attributes = attributes; - keyEntries.put(alias.toLowerCase(), entry); + deltaEntries.put(alias.toLowerCase(), entry); + keyEntries.put(alias.toLowerCase(), entry); } catch (Exception e) { logger.error(e.getMessage()); throw new KeyStoreException(e.getMessage()); @@ -177,7 +179,8 @@ public class RangerKeyStore extends KeyStoreSpi { { synchronized(keyEntries) { dbOperationDelete(convertAlias(alias)); - keyEntries.remove(convertAlias(alias)); + keyEntries.remove(convertAlias(alias)); + deltaEntries.remove(convertAlias(alias)); } } @@ -214,7 +217,7 @@ public class RangerKeyStore extends KeyStoreSpi { public void engineStore(OutputStream stream, char[] password) throws IOException, NoSuchAlgorithmException, CertificateException { - synchronized(keyEntries) { + synchronized(deltaEntries) { // password is mandatory when storing if (password == null) { throw new IllegalArgumentException("Ranger Master Key can't be null"); @@ -223,7 +226,7 @@ public class RangerKeyStore extends KeyStoreSpi { MessageDigest md = getKeyedMessageDigest(password); byte digest[] = md.digest(); - for (Enumeration<String> e = keyEntries.keys(); e.hasMoreElements();) { + for (Enumeration<String> e = deltaEntries.keys(); e.hasMoreElements();) { ByteArrayOutputStream baos = new ByteArrayOutputStream(); DataOutputStream dos = new DataOutputStream(new DigestOutputStream(baos, md)); @@ -231,7 +234,7 @@ public class RangerKeyStore extends KeyStoreSpi { try{ String alias = e.nextElement(); - Object entry = keyEntries.get(alias); + Object entry = deltaEntries.get(alias); oos = new ObjectOutputStream(dos); oos.writeObject(((SecretKeyEntry)entry).sealedKey); @@ -250,6 +253,7 @@ public class RangerKeyStore extends KeyStoreSpi { } } } + clearDeltaEntires(); } } @@ -537,4 +541,8 @@ public class RangerKeyStore extends KeyStoreSpi { } } + public void clearDeltaEntires(){ + deltaEntries.clear(); + } + } \ No newline at end of file
