View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  package org.apache.hadoop.hbase;
19  
20  import java.io.IOException;
21  
22  import org.apache.commons.logging.Log;
23  import org.apache.commons.logging.LogFactory;
24  import org.apache.hadoop.conf.Configuration;
25  import org.apache.hadoop.hbase.Waiter.Predicate;
26  import org.apache.hadoop.hbase.client.Admin;
27  import org.apache.hadoop.hbase.io.crypto.KeyProviderForTesting;
28  import org.apache.hadoop.hbase.io.hfile.HFile;
29  import org.apache.hadoop.hbase.io.hfile.HFileReaderV3;
30  import org.apache.hadoop.hbase.io.hfile.HFileWriterV3;
31  import org.apache.hadoop.hbase.testclassification.IntegrationTests;
32  import org.apache.hadoop.hbase.wal.WAL.Reader;
33  import org.apache.hadoop.hbase.wal.WALProvider.Writer;
34  import org.apache.hadoop.hbase.regionserver.wal.SecureProtobufLogReader;
35  import org.apache.hadoop.hbase.regionserver.wal.SecureProtobufLogWriter;
36  import org.apache.hadoop.hbase.util.EncryptionTest;
37  import org.apache.hadoop.util.ToolRunner;
38  import org.apache.log4j.Level;
39  import org.apache.log4j.Logger;
40  
41  import org.junit.Before;
42  import org.junit.experimental.categories.Category;
43  
44  @Category(IntegrationTests.class)
45  public class IntegrationTestIngestWithEncryption extends IntegrationTestIngest {
46    private final static Log LOG = LogFactory.getLog(IntegrationTestIngestWithEncryption.class);
47    boolean initialized = false;
48  
49    static {
50      // These log level changes are only useful when running on a localhost
51      // cluster.
52      Logger.getLogger(HFileReaderV3.class).setLevel(Level.TRACE);
53      Logger.getLogger(HFileWriterV3.class).setLevel(Level.TRACE);
54      Logger.getLogger(SecureProtobufLogReader.class).setLevel(Level.TRACE);
55      Logger.getLogger(SecureProtobufLogWriter.class).setLevel(Level.TRACE);
56    }
57  
58    @Override
59    public void setUpCluster() throws Exception {
60      util = getTestingUtil(null);
61      Configuration conf = util.getConfiguration();
62      if (!util.isDistributedCluster()) {
63        // Inject required configuration if we are not running in distributed mode
64        conf.setInt(HFile.FORMAT_VERSION_KEY, 3);
65        conf.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, KeyProviderForTesting.class.getName());
66        conf.set(HConstants.CRYPTO_MASTERKEY_NAME_CONF_KEY, "hbase");
67        conf.setClass("hbase.regionserver.hlog.reader.impl", SecureProtobufLogReader.class,
68          Reader.class);
69        conf.setClass("hbase.regionserver.hlog.writer.impl", SecureProtobufLogWriter.class,
70          Writer.class);
71        conf.setBoolean(HConstants.ENABLE_WAL_ENCRYPTION, true);
72      }
73      // Check if the cluster configuration can support this test
74      try {
75        EncryptionTest.testEncryption(conf, "AES", null);
76      } catch (Exception e) {
77        LOG.warn("Encryption configuration test did not pass, skipping test");
78        return;
79      }
80      super.setUpCluster();
81      initialized = true;
82    }
83  
84    @Before
85    @Override
86    public void setUp() throws Exception {
87      // Initialize the cluster. This invokes LoadTestTool -init_only, which
88      // will create the test table, appropriately pre-split
89      super.setUp();
90  
91      if (!initialized) {
92        return;
93      }
94  
95      // Update the test table schema so HFiles from this point will be written with
96      // encryption features enabled.
97      final Admin admin = util.getHBaseAdmin();
98      HTableDescriptor tableDescriptor =
99          new HTableDescriptor(admin.getTableDescriptor(getTablename()));
100     for (HColumnDescriptor columnDescriptor: tableDescriptor.getColumnFamilies()) {
101       columnDescriptor.setEncryptionType("AES");
102       LOG.info("Updating CF schema for " + getTablename() + "." +
103         columnDescriptor.getNameAsString());
104       admin.disableTable(getTablename());
105       admin.modifyColumn(getTablename(), columnDescriptor);
106       admin.enableTable(getTablename());
107       util.waitFor(30000, 1000, true, new Predicate<IOException>() {
108         @Override
109         public boolean evaluate() throws IOException {
110           return admin.isTableAvailable(getTablename());
111         }
112       });
113     }
114   }
115 
116   @Override
117   public int runTestFromCommandLine() throws Exception {
118     if (!initialized) {
119       return 0;
120     }
121     return super.runTestFromCommandLine();
122   }
123 
124   @Override
125   public void cleanUp() throws Exception {
126     if (!initialized) {
127       return;
128     }
129     super.cleanUp();
130   }
131 
132   public static void main(String[] args) throws Exception {
133     Configuration conf = HBaseConfiguration.create();
134     IntegrationTestingUtility.setUseDistributedCluster(conf);
135     int ret = ToolRunner.run(conf, new IntegrationTestIngestWithEncryption(), args);
136     System.exit(ret);
137   }
138 }