Startsida Utforska Hjälp
Registrera dig Logga in
apache
/
hadoop
spegling av https://github.com/apache/hadoop.git
2
0
Fork 1
Filer Ärenden 0 Wiki
Bläddra i källkod

HADOOP-14563. LoadBalancingKMSClientProvider#warmUpEncryptedKeys swallows IOException. Contributed by Rushabh S Shah.

Wei-Chiu Chuang 7 år sedan
förälder
82cb2a6497
incheckning
8153fe2bd3
2 ändrade filer med 74 tillägg och 1 borttagningar
Delad Vy Visa Diff Statistik
  1. 11 1
      hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/LoadBalancingKMSClientProvider.java
  2. 63 0
      hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/kms/TestLoadBalancingKMSClientProvider.java

+ 11 - 1
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/LoadBalancingKMSClientProvider.java
Visa fil 

@@ -39,6 +39,7 @@ import org.slf4j.Logger;
 
 import org.slf4j.LoggerFactory;
 
 
 import com.google.common.annotations.VisibleForTesting;
 
+import com.google.common.base.Preconditions;
 
 
 /**
 
  * A simple LoadBalancing KMSClientProvider that round-robins requests
 
@@ -159,15 +160,24 @@ public class LoadBalancingKMSClientProvider extends KeyProvider implements
 
   // This request is sent to all providers in the load-balancing group
 
   @Override
 
   public void warmUpEncryptedKeys(String... keyNames) throws IOException {
 
+    Preconditions.checkArgument(providers.length > 0,
 
+        "No providers are configured");
 
+    boolean success = false;
 
+    IOException e = null;
 
     for (KMSClientProvider provider : providers) {
 
       try {
 
         provider.warmUpEncryptedKeys(keyNames);
 
+        success = true;
 
       } catch (IOException ioe) {
 
+        e = ioe;
 
         LOG.error(
 
             "Error warming up keys for provider with url"
 
-            + "[" + provider.getKMSUrl() + "]");
 
+            + "[" + provider.getKMSUrl() + "]", ioe);
 
       }
 
     }
 
+    if (!success && e != null) {
 
+      throw e;
 
+    }
 
   }
 
 
   // This request is sent to all providers in the load-balancing group

+ 63 - 0
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/kms/TestLoadBalancingKMSClientProvider.java
Visa fil 

@@ -34,6 +34,7 @@ import org.apache.hadoop.crypto.key.KeyProvider;
 
 import org.apache.hadoop.crypto.key.KeyProvider.Options;
 
 import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension;
 
 import org.apache.hadoop.security.authentication.client.AuthenticationException;
 
+import org.apache.hadoop.security.authorize.AuthorizationException;
 
 import org.junit.Test;
 
 import org.mockito.Mockito;
 
 
@@ -257,4 +258,66 @@ public class TestLoadBalancingKMSClientProvider {
 
           "AuthenticationException"));
 
     }
 
   }
 
+
 
+  /**
 
+   * tests {@link LoadBalancingKMSClientProvider#warmUpEncryptedKeys(String...)}
 
+   * error handling in case when all the providers throws {@link IOException}.
 
+   * @throws Exception
 
+   */
 
+  @Test
 
+  public void testWarmUpEncryptedKeysWhenAllProvidersFail() throws Exception {
 
+    Configuration conf = new Configuration();
 
+    KMSClientProvider p1 = mock(KMSClientProvider.class);
 
+    String keyName = "key1";
 
+    Mockito.doThrow(new IOException(new AuthorizationException("p1"))).when(p1)
 
+        .warmUpEncryptedKeys(Mockito.anyString());
 
+    KMSClientProvider p2 = mock(KMSClientProvider.class);
 
+    Mockito.doThrow(new IOException(new AuthorizationException("p2"))).when(p2)
 
+        .warmUpEncryptedKeys(Mockito.anyString());
 
+
 
+    when(p1.getKMSUrl()).thenReturn("p1");
 
+    when(p2.getKMSUrl()).thenReturn("p2");
 
+
 
+    LoadBalancingKMSClientProvider kp = new LoadBalancingKMSClientProvider(
 
+        new KMSClientProvider[] {p1, p2}, 0, conf);
 
+    try {
 
+      kp.warmUpEncryptedKeys(keyName);
 
+      fail("Should fail since both providers threw IOException");
 
+    } catch (Exception e) {
 
+      assertTrue(e.getCause() instanceof IOException);
 
+    }
 
+    Mockito.verify(p1, Mockito.times(1)).warmUpEncryptedKeys(keyName);
 
+    Mockito.verify(p2, Mockito.times(1)).warmUpEncryptedKeys(keyName);
 
+  }
 
+
 
+  /**
 
+   * tests {@link LoadBalancingKMSClientProvider#warmUpEncryptedKeys(String...)}
 
+   * error handling in case atleast one provider succeeds.
 
+   * @throws Exception
 
+   */
 
+  @Test
 
+  public void testWarmUpEncryptedKeysWhenOneProviderSucceeds()
 
+      throws Exception {
 
+    Configuration conf = new Configuration();
 
+    KMSClientProvider p1 = mock(KMSClientProvider.class);
 
+    String keyName = "key1";
 
+    Mockito.doThrow(new IOException(new AuthorizationException("p1"))).when(p1)
 
+        .warmUpEncryptedKeys(Mockito.anyString());
 
+    KMSClientProvider p2 = mock(KMSClientProvider.class);
 
+    Mockito.doNothing().when(p2)
 
+        .warmUpEncryptedKeys(Mockito.anyString());
 
+
 
+    when(p1.getKMSUrl()).thenReturn("p1");
 
+    when(p2.getKMSUrl()).thenReturn("p2");
 
+
 
+    LoadBalancingKMSClientProvider kp = new LoadBalancingKMSClientProvider(
 
+        new KMSClientProvider[] {p1, p2}, 0, conf);
 
+    try {
 
+      kp.warmUpEncryptedKeys(keyName);
 
+    } catch (Exception e) {
 
+      fail("Should not throw Exception since p2 doesn't throw Exception");
 
+    }
 
+    Mockito.verify(p1, Mockito.times(1)).warmUpEncryptedKeys(keyName);
 
+    Mockito.verify(p2, Mockito.times(1)).warmUpEncryptedKeys(keyName);
 
+  }
 
 }