Repository: sentry Updated Branches: refs/heads/sentry-ha-redesign 747c22601 -> 037059774
SENTRY-1833: Expose current set of IDs as Sentry metrics (Alex Kolbasov, reviewed by: Na Li, Vamsee Yarlagadda, Kalyan Kalvagadda) Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/03705977 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/03705977 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/03705977 Branch: refs/heads/sentry-ha-redesign Commit: 03705977464e8ff596aa6652b798cada4c0a5a72 Parents: 747c226 Author: Alexander Kolbasov <[email protected]> Authored: Tue Jul 11 23:38:06 2017 +0200 Committer: Alexander Kolbasov <[email protected]> Committed: Tue Jul 11 23:38:06 2017 +0200 ---------------------------------------------------------------------- .../db/service/persistent/SentryStore.java | 122 +++++++++++++++---- .../db/service/thrift/SentryMetrics.java | 9 +- 2 files changed, 104 insertions(+), 27 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/03705977/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java index c6f3cc8..350c922 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java @@ -206,17 +206,16 @@ public class SentryStore { prop.setProperty(ServerConfig.JAVAX_JDO_DRIVER_NAME, driverName); /* - * Oracle doesn't support "repeatable-read" isolation level, so we use - * "serializable" instead. This should be handled by Datanucleus, but it - * incorrectly states that "repeatable-read" is supported and Oracle barks - * at run-time. This code is a hack, but until it is fixed in Datanucleus - * we can't do much. - * - * JDBC URL always looks like jdbc:oracle:<drivertype>:@<database> - * we look at the second component. - * - * The isolation property can be overwritten via configuration property. - */ + * Oracle doesn't support "repeatable-read" isolation level, so we use* "serializable" instead. This should be handled by Datanucleus, but it + * incorrectly states that "repeatable-read" is supported and Oracle barks + * at run-time. This code is a hack, but until it is fixed in Datanucleus + * we can't do much. + * + * JDBC URL always looks like jdbc:oracle:<drivertype>:@<database> + * we look at the second component. + * + * The isolation property can be overwritten via configuration property. + */ final String oracleDb = "oracle"; if (prop.getProperty(ServerConfig.DATANUCLEUS_ISOLATION_LEVEL, ""). equals(ServerConfig.DATANUCLEUS_REPEATABLE_READ) && @@ -290,20 +289,6 @@ public class SentryStore { } } - private void rollbackTransaction(PersistenceManager pm) { - if (pm == null || pm.isClosed()) { - return; - } - Transaction currentTransaction = pm.currentTransaction(); - if (currentTransaction.isActive()) { - try { - currentTransaction.rollback(); - } finally { - pm.close(); - } - } - } - /** * Get a single role with the given name inside a transaction * @param pm Persistence Manager instance @@ -475,6 +460,71 @@ public class SentryStore { } /** + * @return ID of the path snapshot + */ + public Gauge<Long> getLastPathsSnapshotIdGauge() { + return new Gauge<Long>() { + @Override + public Long getValue() { + try { + return getCurrentAuthzPathsSnapshotID(); + } catch (Exception e) { + LOGGER.error("Can not read current paths snapshot ID", e); + return NOTIFICATION_UNKNOWN; + } + } + }; + } + + /** + * @return Permissions change ID + */ + public Gauge<Long> getPermChangeIdGauge() { + return new Gauge<Long>() { + @Override + public Long getValue() { + try { + return tm.executeTransaction( + new TransactionBlock<Long>() { + @Override + public Long execute(PersistenceManager pm) throws Exception { + return getLastProcessedChangeIDCore(pm, MSentryPermChange.class); + } + } + ); + } catch (Exception e) { + LOGGER.error("Can not read current permissions change ID", e); + return NOTIFICATION_UNKNOWN; + } + } + }; + } + + /** + * @return Path change id + */ + public Gauge<Long> getPathChangeIdGauge() { + return new Gauge<Long>() { + @Override + public Long getValue() { + try { + return tm.executeTransaction( + new TransactionBlock<Long>() { + @Override + public Long execute(PersistenceManager pm) throws Exception { + return getLastProcessedChangeIDCore(pm, MSentryPathChange.class); + } + } + ); + } catch (Exception e) { + LOGGER.error("Can not read current path change ID", e); + return NOTIFICATION_UNKNOWN; + } + } + }; + } + + /** * Lets the test code know how many privs are in the db, so that we know * if they are in fact being cleaned up when not being referenced any more. * @return The number of rows in the db priv table. @@ -2601,7 +2651,8 @@ public class SentryStore { } /** - * Gets the last authorization path snapshot ID persisted. + * Get the last authorization path snapshot ID persisted. + * Always executed in the transaction context. * * @param pm The PersistenceManager object. * @return the last persisted snapshot ID. It returns 0 if no rows are found. @@ -2610,6 +2661,25 @@ public class SentryStore { return getMaxPersistedIDCore(pm, MAuthzPathsSnapshotId.class, "authzSnapshotID", EMPTY_PATHS_SNAPSHOT_ID); } + + /** + * Get the last authorization path snapshot ID persisted. + * Always executed in the non-transaction context. + * This is used for metrics, so no retries are attempted. + * + * @return the last persisted snapshot ID. It returns 0 if no rows are found. + */ + private long getCurrentAuthzPathsSnapshotID() throws Exception { + return tm.executeTransaction( + new TransactionBlock<Long>() { + @Override + public Long execute(PersistenceManager pm) throws Exception { + return getCurrentAuthzPathsSnapshotID(pm); + } + } + ); + } + /** * Adds the authzObj and with a set of paths into the authzObj -> [Paths] mapping. * As well as persist the corresponding delta path change to MSentryPathChange http://git-wip-us.apache.org/repos/asf/sentry/blob/03705977/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java index 9d42d2e..32a0664 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java @@ -145,7 +145,14 @@ public final class SentryMetrics { sentryStore.getPrivilegeCountGauge()); addGauge(SentryStore.class, "group_count", sentryStore.getGroupCountGauge()); addGauge(SentryStore.class, "hms.waiters", sentryStore.getHMSWaitersCountGauge()); - addGauge(SentryStore.class, "hms.notification.id", sentryStore.getLastNotificationIdGauge()); + addGauge(SentryStore.class, "hms.notification.id", + sentryStore.getLastNotificationIdGauge()); + addGauge(SentryStore.class, "hms.snapshot.paths.id", + sentryStore.getLastPathsSnapshotIdGauge()); + addGauge(SentryStore.class, "hms.perm.change.id", + sentryStore.getPermChangeIdGauge()); + addGauge(SentryStore.class, "hms.psth.change.id", + sentryStore.getPathChangeIdGauge()); gaugesAdded = true; } }
