[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Reviewed-on: http://gerrit.cloudera.org:8080/12122 Tested-by: Kudu Jenkins Reviewed-by: Alexey Serbin Reviewed-by: Hao Hao --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt R src/kudu/integration-tests/auth_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,347 insertions(+), 95 deletions(-) Approvals: Kudu Jenkins: Verified Alexey Serbin: Looks good to me, approved Hao Hao: Looks good to me, approved -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: merged Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 13 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hao Hao has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 12: Code-Review+2 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 12 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 13 Feb 2019 19:14:29 + Gerrit-HasComments: No
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 12: Code-Review+2 (2 comments) http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc File src/kudu/client/authz_token_cache.cc: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@103 PS10, Line 103: VLOG(1) << Substitute("Putting new token for tab > I suppose, but the work done under lock is pretty paltry. I've generally us SGTM http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/master/master.proto File src/kudu/master/master.proto: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/master/master.proto@638 PS10, Line 638: can always be expected with this response, unles > Ah, you're right. If the response has an error, we shouldn't expect an auth Thanks for clarification! -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 12 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 13 Feb 2019 05:25:15 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/12122 to look at the new patch set (#12). Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt R src/kudu/integration-tests/auth_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,347 insertions(+), 95 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/12 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 12 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hao Hao has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 11: Code-Review+1 LGTM, might need to look into the IWYU failure. -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 11 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 13 Feb 2019 02:19:44 + Gerrit-HasComments: No
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Adar Dembo has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 11: Code-Review+1 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 11 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 13 Feb 2019 01:38:35 + Gerrit-HasComments: No
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/12122 to look at the new patch set (#11). Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt R src/kudu/integration-tests/auth_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,345 insertions(+), 95 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/11 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 11 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 10: (21 comments) http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@47 PS10, Line 47: asynchonous > asynchronous Done http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@84 PS10, Line 84: // Adds an authz token to the cache for 'table_id', replacing any that : // previously existed. : void Put(const std::string& table_id, :security::SignedTokenPB authz_token); > Yep, indeed -- I took another look and found them there. Ack http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@123 PS10, Line 123: table id > nit: either 'table ID' or change 'table ID' --> 'table id' at line 130. Done http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc File src/kudu/client/authz_token_cache.cc: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@63 PS10, Line 63: > style nit: 4 spaces Done http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@84 PS10, Line 84: if (new_status.ok() && resp_.has_authz_token()) { : client_->data_->authz_token_cache_.Put(table_->id(), resp_.authz_token()); : } : user_cb_.Run(new_status); > What if (new_status.ok() && !resp_.has_authz_token())? Does that situation Done http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@73 PS10, Line 73: void RetrieveAuthzTokenRpc::SendRpcCb(const Status& status) { : Status new_status = status; : // Check for generic master RPC errors. : if (RetryOrReconnectIfNecessary(_status)) { : return; : } : // Unwrap and return any other application errors that may be returned by the : // master service. : if (new_status.ok() && resp_.has_error()) { : new_status = StatusFromPB(resp_.error().status()); : } : if (new_status.ok() && resp_.has_authz_token()) { : client_->data_->authz_token_cache_.Put(table_->id(), resp_.authz_token()); : } : user_cb_.Run(new_status); : } : : string RetrieveAuthzTokenRpc::ToString() const { : return Substitute("$0 { table: '$1' ($2), attempt: $3 }", AsyncLeaderMasterRpc::ToString(), : req_.table().table_name(), req_.table().table_id(), num_attempts()); : } > nit: could you reorder these to match the order of declaration in the .h fi Done http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@103 PS10, Line 103: std::lock_guard l(token_lock_); > nit: would it make sense to use shared_lock pattern here? For example, tha I suppose, but the work done under lock is pretty paltry. I've generally used that pattern when there is more work to be done per reader or per writer; in this case, both readers and writers are just updating entries in a map. http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@123 PS10, Line 123: rpc_and_cbs->second.emplace_back(std::move(callback)); > nit: add DCHECK(!rpc_and_cbs->second.empty()) before adding a new element ( Done http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@129 PS10, Line 129: RpcAndCallbacks({ rpc, { std::move(callback) } }) > whoops, apparently you cannot Done http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@143 PS10, Line 143: rpc_and_cbs.second > I'm not sure .second is necessary here: the EraseKeyReturnValuePtr() is sup Right, but the mapped type is the RpcAndCallbacks pair. http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@143 PS10, Line 143: rpc_and_cbs.second > I take this back: I missed the fact the value in the map is std::pair. Ack http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/client-test.cc File src/kudu/client/client-test.cc: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/client-test.cc@5833 PS10, Line 5833: ASSERT_TRUE(new_data->FetchCachedAuthzToken(table_id, _token)); > Does it make sense to verify that storing authz token into 'new_data' does Done http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/client.h File src/kudu/client/client.h: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/client.h@637 PS10, Line 637: FRIEND_TEST(ClientTest, TestInvalidAuthorizationTokens); > Is it still
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 10: (11 comments) http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@123 PS10, Line 123: table id nit: either 'table ID' or change 'table ID' --> 'table id' at line 130. http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc File src/kudu/client/authz_token_cache.cc: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@129 PS10, Line 129: RpcAndCallbacks({ rpc, { std::move(callback) } }) > nit: could you get away with just { rpc, { std::move(callback) } } ? whoops, apparently you cannot but you could get away with RpcAndCallbacks(rpc, { std::move(callback) }) http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@143 PS10, Line 143: rpc_and_cbs.second > I'm not sure .second is necessary here: the EraseKeyReturnValuePtr() is sup I take this back: I missed the fact the value in the map is std::pair. http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/client-test.cc File src/kudu/client/client-test.cc: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/client-test.cc@5833 PS10, Line 5833: ASSERT_TRUE(new_data->FetchCachedAuthzToken(table_id, _token)); Does it make sense to verify that storing authz token into 'new_data' does not affect token stored via 'data'? I.e., fetch current token from 'data' and verify that's still 'new_token'? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/client.h File src/kudu/client/client.h: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/client.h@637 PS10, Line 637: FRIEND_TEST(ClientTest, TestInvalidAuthorizationTokens); Is it still around? For some reason, I could find this test in this changelist. Am I missing something? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/integration-tests/authz_token-itest.cc@143 PS10, Line 143: const char* kTableName = "test-table"; : const char* kUser = "token-user"; : const char* kBadUser = "bad-token-user"; nit: 'const char* x const' protects the public pointer member 'x' itself. http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/integration-tests/authz_token-itest.cc@207 PS10, Line 207: int nit: the TotalCount() method of the metric returns uint64_t, why not to use this type for the return type of this function as well? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/integration-tests/authz_token-itest.cc@248 PS10, Line 248: with drop http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/integration-tests/authz_token-itest.cc@484 PS10, Line 484: keep : // failing are always invalid ? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/integration-tests/authz_token-itest.cc@540 PS10, Line 540: shared_ptr session(client_->NewSession()); Is this needed? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/master/master-test.cc File src/kudu/master/master-test.cc: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/master/master-test.cc@1771 PS10, Line 1771: ::testing::Values(true, false) nit: could use ::testing::Bool() instead -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 10 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Mon, 11 Feb 2019 08:06:25 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 10: (12 comments) http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@47 PS10, Line 47: asynchonous asynchronous http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@49 PS10, Line 49: class RetrieveAuthzTokenRpc : public AsyncLeaderMasterRpc, > I think it would be uglier, and since 100 is the strict limit, I'm OK with SGTM: it's just a nit, feel free to leave as is. http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@84 PS10, Line 84: // Adds an authz token to the cache for 'table_id', replacing any that : // previously existed. : void Put(const std::string& table_id, :security::SignedTokenPB authz_token); > Look again? They're both there. Yep, indeed -- I took another look and found them there. http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc File src/kudu/client/authz_token_cache.cc: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@63 PS10, Line 63: style nit: 4 spaces http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@84 PS10, Line 84: if (new_status.ok() && resp_.has_authz_token()) { : client_->data_->authz_token_cache_.Put(table_->id(), resp_.authz_token()); : } : user_cb_.Run(new_status); What if (new_status.ok() && !resp_.has_authz_token())? Does that situation need some special handling or at least DCHECK()? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@73 PS10, Line 73: void RetrieveAuthzTokenRpc::SendRpcCb(const Status& status) { : Status new_status = status; : // Check for generic master RPC errors. : if (RetryOrReconnectIfNecessary(_status)) { : return; : } : // Unwrap and return any other application errors that may be returned by the : // master service. : if (new_status.ok() && resp_.has_error()) { : new_status = StatusFromPB(resp_.error().status()); : } : if (new_status.ok() && resp_.has_authz_token()) { : client_->data_->authz_token_cache_.Put(table_->id(), resp_.authz_token()); : } : user_cb_.Run(new_status); : } : : string RetrieveAuthzTokenRpc::ToString() const { : return Substitute("$0 { table: '$1' ($2), attempt: $3 }", AsyncLeaderMasterRpc::ToString(), : req_.table().table_name(), req_.table().table_id(), num_attempts()); : } nit: could you reorder these to match the order of declaration in the .h file? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@103 PS10, Line 103: std::lock_guard l(token_lock_); nit: would it make sense to use shared_lock pattern here? For example, that might make sense if multiple sessions are run concurrently for the same instance of KuduClient. http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@123 PS10, Line 123: rpc_and_cbs->second.emplace_back(std::move(callback)); nit: add DCHECK(!rpc_and_cbs->second.empty()) before adding a new element (that would pair the DCHECK at line 145)? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@129 PS10, Line 129: RpcAndCallbacks({ rpc, { std::move(callback) } }) nit: could you get away with just { rpc, { std::move(callback) } } ? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.cc@143 PS10, Line 143: rpc_and_cbs.second I'm not sure .second is necessary here: the EraseKeyReturnValuePtr() is supposed to the return the mapped type, i.e. vector, right? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/integration-tests/authz_token-itest.cc@301 PS10, Line 301: char* byte = _signature[i]; : *byte = ~*byte; nit: I think it's possible to use less indirection-related operations here: auto& byte = bad_signature[i]; byte = ~byte; http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/master/master.proto File src/kudu/master/master.proto: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/master/master.proto@638 PS10, Line 638: A token can always be expected with this response > Non-leader masters do not respond to
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 10: (3 comments) http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@49 PS10, Line 49: class RetrieveAuthzTokenRpc : public AsyncLeaderMasterRpc, > style nit: it would be nice if it's possible to fit it into 80 characters, I think it would be uglier, and since 100 is the strict limit, I'm OK with going over 80, unless you feel strongly about it. http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@84 PS10, Line 84: // Adds an authz token to the cache for 'table_id', replacing any that : // previously existed. : void Put(const std::string& table_id, :security::SignedTokenPB authz_token); > I'm not sure I saw the implementation for this method and the Fetch() metho Look again? They're both there. http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/master/master.proto File src/kudu/master/master.proto: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/master/master.proto@638 PS10, Line 638: A token can always be expected with this response > Do non-leader masters also generate authz tokens and send them with the res Non-leader masters do not respond to GetTableSchema requests, see MasterServiceImpl::GetTableSchema() in master/master_service.cc. -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 10 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Sun, 03 Feb 2019 06:20:23 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 10: (3 comments) http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@49 PS10, Line 49: class RetrieveAuthzTokenRpc : public AsyncLeaderMasterRpc, style nit: it would be nice if it's possible to fit it into 80 characters, maybe put 'public AsyncLeaderMasterRpc...' on a new line? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/client/authz_token_cache.h@84 PS10, Line 84: // Adds an authz token to the cache for 'table_id', replacing any that : // previously existed. : void Put(const std::string& table_id, :security::SignedTokenPB authz_token); I'm not sure I saw the implementation for this method and the Fetch() method as well (at least I could not find it in the corresponding .cc file). Am I missing something here? http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/master/master.proto File src/kudu/master/master.proto: http://gerrit.cloudera.org:8080/#/c/12122/10/src/kudu/master/master.proto@638 PS10, Line 638: A token can always be expected with this response Do non-leader masters also generate authz tokens and send them with the response? -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 10 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 30 Jan 2019 20:40:16 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Adar Dembo has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 10: Code-Review+1 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 10 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Thu, 24 Jan 2019 00:58:06 + Gerrit-HasComments: No
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 9: (1 comment) http://gerrit.cloudera.org:8080/#/c/12122/8/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/8/src/kudu/integration-tests/authz_token-itest.cc@463 PS8, Line 463: // Enforce access control, and make elections much more frequent. > These all have an effect _after_ the cluster has been started? Good callout, a couple of them do affect state set at table create time (e.g. the periodic timers). -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 9 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Thu, 24 Jan 2019 00:56:31 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/12122 to look at the new patch set (#10). Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt R src/kudu/integration-tests/auth_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,335 insertions(+), 95 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/10 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 10 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hao Hao has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 9: Code-Review+2 (1 comment) http://gerrit.cloudera.org:8080/#/c/12122/6/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/6/src/kudu/integration-tests/authz_token-itest.cc@287 PS6, Line 287: after being told go retrieve a new token > It's verified by the fact that we got a new token at L292, and there are VL Sounds good. -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 9 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 23 Jan 2019 23:28:37 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Adar Dembo has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 9: Code-Review+1 (1 comment) http://gerrit.cloudera.org:8080/#/c/12122/8/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/8/src/kudu/integration-tests/authz_token-itest.cc@463 PS8, Line 463: // Enforce access control, and make elections much more frequent. These all have an effect _after_ the cluster has been started? -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 9 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 23 Jan 2019 22:40:51 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/12122 to look at the new patch set (#9). Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt R src/kudu/integration-tests/auth_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,332 insertions(+), 95 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/9 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 9 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hao Hao has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 6: Code-Review+1 (1 comment) http://gerrit.cloudera.org:8080/#/c/12122/6/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/6/src/kudu/integration-tests/authz_token-itest.cc@287 PS6, Line 287: after being told go retrieve a new token Is there a way to verify this? e.g. a log? -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 6 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 23 Jan 2019 19:56:45 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 6: (1 comment) http://gerrit.cloudera.org:8080/#/c/12122/6/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/6/src/kudu/integration-tests/authz_token-itest.cc@287 PS6, Line 287: after being told go retrieve a new token > Is there a way to verify this? e.g. a log? It's verified by the fact that we got a new token at L292, and there are VLOG messages in the token cache when new tokens are retrieved. -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 6 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 23 Jan 2019 20:01:49 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/12122 to look at the new patch set (#7). Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt R src/kudu/integration-tests/auth_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,332 insertions(+), 96 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/7 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 7 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Adar Dembo has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 6: Code-Review+1 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 6 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 23 Jan 2019 07:32:52 + Gerrit-HasComments: No
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 6: (13 comments) http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/authz_token_cache.h@134 PS5, Line 134: authz_rpcs_; > nit: why not name it 'authz_rpcs_' to match 'authz_tokens_'? Done http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/client-internal.cc File src/kudu/client/client-internal.cc: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/client-internal.cc@466 PS5, Line 466: Parse the server part > nit: use StoreAuthzToken() instead? Done http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/client-test.cc File src/kudu/client/client-test.cc: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/client-test.cc@5853 PS5, Line 5853: client_->data_->RetrieveAuthzTokenAsync(client_table_.get(), s.AsStatusCallback(), > Is it possible to change the logic to create a new client and only retrieve That's possible, we could also not run RetrieveAuthzTokenAsync if there is a token in the cache. I'm going to hold off on it though since I don't think that adds to the test coverage and would make this test more complicated. http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/auth_token_expire-itest.cc File src/kudu/integration-tests/auth_token_expire-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/auth_token_expire-itest.cc@143 PS5, Line 143: i > nit: extra space. Done http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/auth_token_expire-itest.cc@254 PS5, Line 254: p > nit: space. Done http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@184 PS5, Line 184: Insert > nit: 'Inserts' to aligned with other comments style. Done http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@205 PS5, Line 205: Get > nit: 'Gets' Done http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@281 PS5, Line 281: > Can you add a comment to explain what is the expected behavior in this case Done http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@352 PS5, Line 352: auto& e : er > Nit: got two spaces here. Done http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@362 PS5, Line 362: > Why not parameterized the functor here as well? Done http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@369 PS5, Line 369: yPB tsk; > Should a similar test be exist for authn token as well? A similar test exists for authn tokens in security-unknown-tsk-itest. I chose to put this test here because the logic differed enough that parameterizing security-unknown-tsk-itest would have been a lot of work and I think would've made the test harder to follow. http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@477 PS5, Line 477: token_ratio = 1.0; > Will a similar also apply for authn tokens? Also, wondering how you consid auth_token_expire-itest has some tests that explicitly test for expired tokens / token reacquisition during master leader changes (e.g. MultiMasterIdleConnectionsITest), which is similar to this (invalid tokens during master election storms). I opted to not reuse some of the existing tests because parameterizing them would be non-trivial and make them harder to understand (and I found some tests a bit confusing to start with, given a few of them are targeting very specific error scenarios). auth_token_expire-itest tests generally target expiration of tokens. authz_token-itest targets other error scenarios. http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@523 PS5, Line 523: // Client should have no problems connecting to an old cluster. : ASSERT_OK(Inse > What happens if a old client try to communicate with servers that require a That'd be the same as sending requests with no authz tokens, so the client would get an error. That's harder to test, since I'm not maintaining the old behavior of the client through some config flag, but https://gerrit.cloudera.org/c/11751/10/src/kudu/tserver/tablet_server_authorization-test.cc#259 shows the behavior of using the proxy with no token. -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/12122 to look at the new patch set (#6). Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt R src/kudu/integration-tests/auth_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,331 insertions(+), 96 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/6 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 6 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hao Hao has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 5: (12 comments) http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/authz_token_cache.h@134 PS5, Line 134: retrieve_authz_rpcs_ nit: why not name it 'authz_rpcs_' to match 'authz_tokens_'? http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/client-internal.cc File src/kudu/client/client-internal.cc: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/client-internal.cc@466 PS5, Line 466: authz_token_cache_.Put nit: use StoreAuthzToken() instead? http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/client-test.cc File src/kudu/client/client-test.cc: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/client/client-test.cc@5853 PS5, Line 5853: client_->data_->RetrieveAuthzTokenAsync(client_table_.get(), s.AsStatusCallback(), Is it possible to change the logic to create a new client and only retrieve authz token when there isn't one cached? So that we can have a deterministic result that there is only one RPC being sent in this case? http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/auth_token_expire-itest.cc File src/kudu/integration-tests/auth_token_expire-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/auth_token_expire-itest.cc@143 PS5, Line 143: nit: extra space. http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/auth_token_expire-itest.cc@254 PS5, Line 254: nit: space. http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@184 PS5, Line 184: Insert nit: 'Inserts' to aligned with other comments style. http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@205 PS5, Line 205: Get nit: 'Gets' http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@281 PS5, Line 281: LOG(INFO) << "Trying to use the wrong user's token..."; Can you add a comment to explain what is the expected behavior in this case? Especially why operations in L285 is expected to succeed. http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@362 PS5, Line 362: ASSERT_OK(ScanFromTable(client_table_.get())); Why not parameterized the functor here as well? http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@369 PS5, Line 369: TestUnknownTsk Should a similar test be exist for authn token as well? http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@477 PS5, Line 477: TestMasterElectionStorms Will a similar also apply for authn tokens? Also, wondering how you consider what should be tested in auth_token_expire-itest and what should be in authz_token-itest? http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@523 PS5, Line 523: // Ensures the client can still communicate with servers that do not support : // authz tokens. What happens if a old client try to communicate with servers that require authz tokens? -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 5 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Wed, 09 Jan 2019 06:31:27 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Adar Dembo has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 5: Code-Review+1 (1 comment) http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/5/src/kudu/integration-tests/authz_token-itest.cc@352 PS5, Line 352: that expired Nit: got two spaces here. -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 5 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Mon, 07 Jan 2019 17:31:58 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/12122 to look at the new patch set (#5). Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt R src/kudu/integration-tests/auth_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,335 insertions(+), 97 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/5 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 5 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 4: (35 comments) http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@53 PS3, Line 53: MonoTime deadline > nit: In RetrieveNewAuthzToken() that's passed by const reference. Is it po Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@54 PS3, Line 54: std::str > nit: drop 'virtual' Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@58 PS3, Line 58: void Sen > nit: drop Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@72 PS3, Line 72: Cache for authz tokens received from the master. A clie > This reads vague. Could you be more specific? Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@84 PS3, Line 84: for 'table_id', replacing any that : // previously existed. > It would be nice to document the reasoning behind this design decision. Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@93 PS3, Line 93: t > nit: :: Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.cc File src/kudu/client/authz_token_cache.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.cc@79 PS3, Line 79: // Unwrap and return any other application errors that may be returned by the > So we don't need to check the controller status at all? Why not? It's checked in RetryOrReconnectIfNecessary() http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.cc@82 PS3, Line 82: new_status = StatusFromPB(resp_.error().status()); > Shouldn't this also be conditioned on new_status.ok()? I wouldn't expect th Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.cc@141 PS3, Line 141: std::lock_guard l(rpc_lock_); > What does this return if for some reason there's no key of table_id? It calls the default constructor of the mapped type (pair in this case), so we'd hit the DCHECK below. http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/batcher.cc File src/kudu/client/batcher.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/batcher.cc@254 PS3, Line 254: es 'req_' > nit: updates what? Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/batcher.cc@496 PS3, Line 496: if (batcher_->client_->data_->FetchCachedAuthzToken(table()->id(), _token)) { > Can you std::move it? Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/batcher.cc@498 PS3, Line 498: } else { : // Note: this is the expected path if communi > Can it be the case when the expected authz token hasn't been fetched into t If that were the case, and the tserver is enforcing access control, then yes. This generally won't happen though since, if the master supports generating authz tokens, there should be an authz token in the cache from the call to OpenTable. I've fleshed out a comment in authz_token_cache.h to clarify the workflow a bit. http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/client-internal.h File src/kudu/client/client-internal.h: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/client-internal.h@249 PS3, Line 249: // upon learnin > Why to allocate it on the heap? Is it possible to have an instance of Auth Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/scanner-internal.cc File src/kudu/client/scanner-internal.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/scanner-internal.cc@360 PS3, Line 360: = std::move(a > What if the token in the cache has expired? It will get an error from the tserver and retry. http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/scanner-internal.cc@360 PS3, Line 360: *next_req_.mutable_new_scan_request()->mutable_authz_token() = std::move(authz_token); > std::move Done http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/scanner-internal.cc@362 PS3, Line 362: this is expected > I'm not sure I understand. If FetchCachedAuthzToken() returns false, then If there's nothing in the cache, it means that OpenTable() didn't get a token from the master. The assumption then is that the tserver doesn't need a token. If this is, for some reason, not the case, and the tserver _does_ want a token, the client will try to RetrieveNewAuthzToken(), but get an error from the master and hit L197 in this file. TestAuthzTokensNotSupported tests this case. http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authn_token_expire-itest.cc File
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/12122 to look at the new patch set (#4). Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt D src/kudu/integration-tests/authn_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,244 insertions(+), 607 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/4 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 4 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 3: (27 comments) http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@53 PS3, Line 53: MonoTime deadline nit: In RetrieveNewAuthzToken() that's passed by const reference. Is it possible to unify those two notations? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@54 PS3, Line 54: virtual nit: drop 'virtual' http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@58 PS3, Line 58: virtual nit: drop http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@72 PS3, Line 72: Manages distribution and reacquisition of authz tokens. This reads vague. Could you be more specific? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@84 PS3, Line 84: No checking is done to verify the : // expiration or validity of the returned token. It would be nice to document the reasoning behind this design decision. http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.h@93 PS3, Line 93: : nit: :: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/batcher.cc File src/kudu/client/batcher.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/batcher.cc@254 PS3, Line 254: it updates nit: updates what? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/batcher.cc@498 PS3, Line 498: // Note: this is the expected path if communicating with an older-versioned : // master that does not support authz tokens. Can it be the case when the expected authz token hasn't been fetched into the cache yet? What will happen in that case? Will the operation fetch a new authz token and retry? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/client-internal.h File src/kudu/client/client-internal.h: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/client-internal.h@249 PS3, Line 249: std::unique_ptr Why to allocate it on the heap? Is it possible to have an instance of AuthzTokenCache instead? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/scanner-internal.cc File src/kudu/client/scanner-internal.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/scanner-internal.cc@360 PS3, Line 360: = authz_token What if the token in the cache has expired? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/scanner-internal.cc@362 PS3, Line 362: this is expected I'm not sure I understand. If FetchCachedAuthzToken() returns false, then it means the cache hasn't fetched a token yet, but de-facto the master can support generating authz tokens, right? In the latter case, what will happen with the scan request -- will it be retried with authnz token when it's available? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authn_token_expire-itest.cc File src/kudu/integration-tests/authn_token_expire-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authn_token_expire-itest.cc@103 PS3, Line 103: AuthnTokenExpireITestBase If this test is re-purposed to verify the authz token-related functionality as well, maybe rename it to AuthTokenExpireITestBase or alike? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authz_token-itest.cc@142 PS3, Line 142: nit: add two more spaces http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authz_token-itest.cc@196 PS3, Line 196: AuthenticationCredentialsPB authn_pb; : authn_pb.set_real_user(user); : CHECK(authn_pb.SerializeToString(_creds)); This is just for plain authn, right? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authz_token-itest.cc@238 PS3, Line 238: table_id nit: table_id_ ? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authz_token-itest.cc@295 PS3, Line 295: for (int i = 0; i < bad_signature.length(); i++) { : char* first_byte = _signature[i]; : *first_byte ^= *first_byte; : } Is this just zeroing the signature? If so, maybe memset() is easier to write and follow? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authz_token-itest.cc@349 PS3, Line 349: Ensured Ensure? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authz_token-itest.cc@367 PS3, Line 367: it'll appear invalid : // to the servers. nit: "it's far ahead of
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Adar Dembo has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 3: (8 comments) The test failure looks relevant. http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.cc File src/kudu/client/authz_token_cache.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.cc@79 PS3, Line 79: if (new_status.ok() && resp_.has_error()) { So we don't need to check the controller status at all? Why not? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.cc@82 PS3, Line 82: if (resp_.has_authz_token()) { Shouldn't this also be conditioned on new_status.ok()? I wouldn't expect the server to return an error and for there to be a token in the response, but defensive programming... http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/authz_token_cache.cc@141 PS3, Line 141: auto rpc_and_cbs = EraseKeyReturnValuePtr(_authz_rpcs_, table_id); What does this return if for some reason there's no key of table_id? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/batcher.cc File src/kudu/client/batcher.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/batcher.cc@496 PS3, Line 496: *req_.mutable_authz_token() = signed_token; Can you std::move it? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/scanner-internal.cc File src/kudu/client/scanner-internal.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/client/scanner-internal.cc@360 PS3, Line 360: *next_req_.mutable_new_scan_request()->mutable_authz_token() = authz_token; std::move http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authz_token-itest.cc@153 PS3, Line 153: static void StoreAuthzToken(KuduClient* client, const string& table_id, const SignedTokenPB& token) { Line too long? http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/integration-tests/authz_token-itest.cc@347 PS3, Line 347: SKIP_IF_SLOW_NOT_ALLOWED(); Clever, more terse than the multi-line if check. http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/master/master-test.cc File src/kudu/master/master-test.cc: http://gerrit.cloudera.org:8080/#/c/12122/3/src/kudu/master/master-test.cc@1752 PS3, Line 1752: for (bool supports_authz : { true, false }) { Could you parameterize the test on this? -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 3 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Sun, 06 Jan 2019 05:04:05 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 2: (2 comments) http://gerrit.cloudera.org:8080/#/c/12122/2/src/kudu/integration-tests/authz_token-itest.cc File src/kudu/integration-tests/authz_token-itest.cc: http://gerrit.cloudera.org:8080/#/c/12122/2/src/kudu/integration-tests/authz_token-itest.cc@154 PS2, Line 154: client->data_->StoreAuthzToken(table_id, std::move(token)); > warning: passing result of std::move() as a const reference argument; no mo Done http://gerrit.cloudera.org:8080/#/c/12122/2/src/kudu/integration-tests/authz_token-itest.cc@288 PS2, Line 288: ASSERT_FALSE(MessageDifferencer::Equals(bad_token, new_token)); > warning: 'bad_token' used after it was moved [bugprone-use-after-move] Done -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 2 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Sat, 05 Jan 2019 01:01:54 + Gerrit-HasComments: Yes
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/12122 to look at the new patch set (#3). Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt M src/kudu/integration-tests/authn_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,302 insertions(+), 80 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/3 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 3 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Hello Tidy Bot, Alexey Serbin, Kudu Jenkins, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/12122 to look at the new patch set (#2). Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt M src/kudu/integration-tests/authn_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h M src/kudu/util/test_util.h 20 files changed, 1,302 insertions(+), 80 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/2 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 2 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Adar Dembo Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 2: (33 comments) http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.h@47 PS1, Line 47: // An asynchonous RPC that retrieves a new authz token for a table and puts it > Doc the class too. Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.h@87 PS1, Line 87: se > Not an argument. Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.h@105 PS1, Line 105: const Status& status); > Nit: empty line before. Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.h@106 PS1, Line 106: > Sentence fragment? Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc File src/kudu/client/authz_token_cache.cc: http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@54 PS1, Line 54: using master::MasterFeatures; > warning: using decl 'SecureShortDebugString' is unused [misc-unused-using-d Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@65 PS1, Line 65: ::GetTableSchemaAsync, "RetrieveAuthzToken", > Why isn't the synchronous GetTableSchema method in client-internal.cc not b This class is dependent on knowing the table ID up front. This is the case for all the places it's currently used, and isn't so for GetTableSchema. You're right that if we had the tablet ID, we could use this in GetTableSchema and forego the explicit Put() call in client-internal.cc http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@74 PS1, Line 74: void RetrieveAuthzTokenRpc::SendRpcCb(const Status& status) { : Status new_status = status; > Shouldn't we only set one of these? Probably just the ID? Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@80 PS1, Line 80: w_status = StatusFromP > Is this prefixing necessary? Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@85 PS1, Line 85: } > This seems risky from a forward compatibility perspective: what if there ar Yeah, this is actually not used. I added handling for this case in scanner-internal.cc and retriable_rpc.h (for WriteRpc), and changed the outcome -- if we are retrieving an authz token in response to the tserver requiring a new authz token, as we are here, the master must support authz tokens. I.e. the client should just spit out an error. http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@92 PS1, Line 92: } > Do we need to do more error checking here? Or has that been done for us alr Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@93 PS1, Line 93: > Could be moved into the scope below, or even combined with L95. Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@138 PS1, Line 138: { > Not EmplaceOrDie here? Didn't we just prove that there's no such entry in r Done. It was having trouble deducing the type of the mapped Args for some reason, but this should work (calling the constructor explicitly). http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@151 PS1, Line 151: } // namespace client > Would EraseKeyReturnValuePtr work here? It would be nice to find an alterna Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/batcher.cc File src/kudu/client/batcher.cc: http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/batcher.cc@384 PS1, Line 384: switch (err->code()) { > Nit: FWIW, I don't think this is necessary when the fallthrough is obvious Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/batcher.cc@493 PS1, Line 493: void WriteRpc::FetchCachedAuthzToken() { > See my comment in scanner-internal.cc. Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/client-test.cc File src/kudu/client/client-test.cc: http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/client-test.cc@5799 PS1, Line 5799: data > cache Done http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/client-test.cc@5826 PS1, Line 5826: oken(table > Parallely? Self-conscious about this due to https://www.quora.com/Is-using-the-word-parallelly-grammatically-correct so changed the name. http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/client-test.cc@5833 PS1, Line 5833: TEST_F(ClientTest, TestRetrieveAuthzTokenInParallel) { > warning: 'emplace_back' is called inside a loop; consider pre-allocating th Ack
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Adar Dembo has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 1: (28 comments) http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.h File src/kudu/client/authz_token_cache.h: http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.h@47 PS1, Line 47: class RetrieveAuthzTokenRpc : public AsyncLeaderMasterRpchttp://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.h@87 PS1, Line 87: 'table_id' Not an argument. http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.h@105 PS1, Line 105: // Authorization tokens stored for each table, indexed by the table id. Note Nit: empty line before. http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.h@106 PS1, Line 106: users of the cache. Sentence fragment? http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc File src/kudu/client/authz_token_cache.cc: http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@65 PS1, Line 65: RetrieveAuthzTokenRpc::RetrieveAuthzTokenRpc(const KuduTable* table, Why isn't the synchronous GetTableSchema method in client-internal.cc not built around this async primitive? http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@74 PS1, Line 74: req_.mutable_table()->set_table_name(table_->name()); : req_.mutable_table()->set_table_id(table_->id()); Shouldn't we only set one of these? Probably just the ID? http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@80 PS1, Line 80: AsyncLeaderMasterRpc:: Is this prefixing necessary? http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@85 PS1, Line 85: rpc.error_response()->unsupported_feature_flags_size() > 0) { This seems risky from a forward compatibility perspective: what if there are new feature flags that we do care about in the future? Is there a way to identify that it was just RETRIEVE_AUTHZ_TOKEN that was unsupported, and treat that as OK, while failing the rest? http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@92 PS1, Line 92: Do we need to do more error checking here? Or has that been done for us already? http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@93 PS1, Line 93: auto* token_cache = client_->data_->authz_token_cache_.get(); Could be moved into the scope below, or even combined with L95. http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@138 PS1, Line 138: EmplaceOrUpdate(_authz_rpcs_, table_id, { rpc, { std::move(callback) } }); Not EmplaceOrDie here? Didn't we just prove that there's no such entry in retrieve_authz_rpcs_? http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/authz_token_cache.cc@151 PS1, Line 151: auto* rpc_and_cbs = FindOrNull(retrieve_authz_rpcs_, table_id); Would EraseKeyReturnValuePtr work here? It would be nice to find an alternative such that there aren't two lookups (oen in FindOrNull and one in erase). Maybe raw iterators are the way to go. http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/batcher.cc File src/kudu/client/batcher.cc: http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/batcher.cc@384 PS1, Line 384: FALLTHROUGH_INTENDED; Nit: FWIW, I don't think this is necessary when the fallthrough is obvious (i.e. a case that does nothing). http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/batcher.cc@493 PS1, Line 493: if (!batcher_->client_->data_->FetchCachedAuthzToken(table()->id(), req_.mutable_authz_token())) { See my comment in scanner-internal.cc. http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/client-test.cc File src/kudu/client/client-test.cc: http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/client-test.cc@5799 PS1, Line 5799: cahce cache http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/client-test.cc@5826 PS1, Line 5826: Parallelly Parallely? http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/client-test.cc@5852 PS1, Line 5852: ASSERT_LT(num_reqs, kThreads); Does this hold in TSAN environments with stress threads? In a pathological case it could be possible for each of the 20 threads to run serially and thus for there to be no grouping at all. Unlikely, but possible. http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/scanner-internal.cc File src/kudu/client/scanner-internal.cc: http://gerrit.cloudera.org:8080/#/c/12122/1/src/kudu/client/scanner-internal.cc@147 PS1, Line 147: case ScanRpcStatus::RPC_INVALID_AUTHORIZATION_TOKEN: Nit: add a useful comment here, or drop the one from L143 if it's redundant.
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/12122 ) Change subject: KUDU-2543 pt 2: pass around default authz tokens .. Patch Set 1: Verified+1 The failure seems unrelated: BlockManagerType/TsRecoveryITest.TestNoBlockIDReuseIfMissingBlocks/1 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 1 Gerrit-Owner: Andrew Wong Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Sun, 23 Dec 2018 10:42:19 + Gerrit-HasComments: No
[kudu-CR] KUDU-2543 pt 2: pass around default authz tokens
Andrew Wong has uploaded this change for review. ( http://gerrit.cloudera.org:8080/12122 Change subject: KUDU-2543 pt 2: pass around default authz tokens .. KUDU-2543 pt 2: pass around default authz tokens Adds authz token generation to the master's GetTableSchema endpoint, with which clients can authorize themselves for specific tables. A client will cache these tokens and use them appropriately for RPCs that need them (e.g. Writes and Scans), reacquiring them when receiving word that they are expired. This is tested in the following ways: - unit tests for the new client-side cache for authz tokens - parameterized the token expiration test for authn and authz tokens to have varying token expirations, testing when authn tokens expire but not authz tokens, and vice versa - added various tests to ensure the client behaves correctly in various non-happy cases Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 --- M src/kudu/client/CMakeLists.txt A src/kudu/client/authz_token_cache.cc A src/kudu/client/authz_token_cache.h M src/kudu/client/batcher.cc M src/kudu/client/client-internal.cc M src/kudu/client/client-internal.h M src/kudu/client/client-test.cc M src/kudu/client/client.h M src/kudu/client/scanner-internal.cc M src/kudu/client/scanner-internal.h M src/kudu/integration-tests/CMakeLists.txt M src/kudu/integration-tests/authn_token_expire-itest.cc A src/kudu/integration-tests/authz_token-itest.cc M src/kudu/master/catalog_manager.h M src/kudu/master/master.proto M src/kudu/master/master_service.cc M src/kudu/rpc/retriable_rpc.h M src/kudu/rpc/rpc.h 18 files changed, 1,235 insertions(+), 70 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/22/12122/1 -- To view, visit http://gerrit.cloudera.org:8080/12122 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: I7971d652d6adc822167cf959bffd5f994a7ca565 Gerrit-Change-Number: 12122 Gerrit-PatchSet: 1 Gerrit-Owner: Andrew Wong