001/**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.snapshot;
019
020import java.io.IOException;
021import java.security.PrivilegedExceptionAction;
022import java.util.Collections;
023
024import org.apache.hadoop.conf.Configuration;
025import org.apache.hadoop.fs.FSDataInputStream;
026import org.apache.hadoop.fs.FSDataOutputStream;
027import org.apache.hadoop.fs.FileSystem;
028import org.apache.hadoop.fs.Path;
029import org.apache.hadoop.fs.permission.FsPermission;
030import org.apache.hadoop.hbase.HConstants;
031import org.apache.hadoop.hbase.TableName;
032import org.apache.hadoop.hbase.client.Admin;
033import org.apache.hadoop.hbase.client.Connection;
034import org.apache.hadoop.hbase.client.ConnectionFactory;
035import org.apache.hadoop.hbase.security.User;
036import org.apache.hadoop.hbase.security.access.PermissionStorage;
037import org.apache.hadoop.hbase.security.access.ShadedAccessControlUtil;
038import org.apache.hadoop.hbase.security.access.UserPermission;
039import org.apache.hadoop.hbase.util.EnvironmentEdgeManager;
040import org.apache.hadoop.hbase.util.FSUtils;
041import org.apache.yetus.audience.InterfaceAudience;
042import org.slf4j.Logger;
043import org.slf4j.LoggerFactory;
044
045import org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap;
046import org.apache.hadoop.hbase.shaded.protobuf.ProtobufUtil;
047import org.apache.hadoop.hbase.shaded.protobuf.generated.SnapshotProtos.SnapshotDescription;
048
049/**
050 * Utility class to help manage {@link SnapshotDescription SnapshotDesriptions}.
051 * <p>
052 * Snapshots are laid out on disk like this:
053 *
054 * <pre>
055 * /hbase/.snapshots
056 *          /.tmp                &lt;---- working directory
057 *          /[snapshot name]     &lt;----- completed snapshot
058 * </pre>
059 *
060 * A completed snapshot named 'completed' then looks like (multiple regions, servers, files, etc.
061 * signified by '...' on the same directory depth).
062 *
063 * <pre>
064 * /hbase/.snapshots/completed
065 *                   .snapshotinfo          &lt;--- Description of the snapshot
066 *                   .tableinfo             &lt;--- Copy of the tableinfo
067 *                    /.logs
068 *                        /[server_name]
069 *                            /... [log files]
070 *                         ...
071 *                   /[region name]           &lt;---- All the region's information
072 *                   .regioninfo              &lt;---- Copy of the HRegionInfo
073 *                      /[column family name]
074 *                          /[hfile name]     &lt;--- name of the hfile in the real region
075 *                          ...
076 *                      ...
077 *                    ...
078 * </pre>
079 *
080 * Utility methods in this class are useful for getting the correct locations for different parts of
081 * the snapshot, as well as moving completed snapshots into place (see
082 * {@link #completeSnapshot}, and writing the
083 * {@link SnapshotDescription} to the working snapshot directory.
084 */
085@InterfaceAudience.Private
086public final class SnapshotDescriptionUtils {
087
088  /**
089   * Filter that only accepts completed snapshot directories
090   */
091  public static class CompletedSnaphotDirectoriesFilter extends FSUtils.BlackListDirFilter {
092
093    /**
094     * @param fs
095     */
096    public CompletedSnaphotDirectoriesFilter(FileSystem fs) {
097      super(fs, Collections.singletonList(SNAPSHOT_TMP_DIR_NAME));
098    }
099  }
100
101  private static final Logger LOG = LoggerFactory.getLogger(SnapshotDescriptionUtils.class);
102  /**
103   * Version of the fs layout for a snapshot. Future snapshots may have different file layouts,
104   * which we may need to read in differently.
105   */
106  public static final int SNAPSHOT_LAYOUT_VERSION = SnapshotManifestV2.DESCRIPTOR_VERSION;
107
108  // snapshot directory constants
109  /**
110   * The file contains the snapshot basic information and it is under the directory of a snapshot.
111   */
112  public static final String SNAPSHOTINFO_FILE = ".snapshotinfo";
113
114  /** Temporary directory under the snapshot directory to store in-progress snapshots */
115  public static final String SNAPSHOT_TMP_DIR_NAME = ".tmp";
116
117  /**
118   * The configuration property that determines the filepath of the snapshot
119   * base working directory
120   */
121  public static final String SNAPSHOT_WORKING_DIR = "hbase.snapshot.working.dir";
122
123  // snapshot operation values
124  /** Default value if no start time is specified */
125  public static final long NO_SNAPSHOT_START_TIME_SPECIFIED = 0;
126
127  public static final String MASTER_SNAPSHOT_TIMEOUT_MILLIS = "hbase.snapshot.master.timeout.millis";
128
129  /** By default, wait 300 seconds for a snapshot to complete */
130  public static final long DEFAULT_MAX_WAIT_TIME = 60000 * 5 ;
131
132  private SnapshotDescriptionUtils() {
133    // private constructor for utility class
134  }
135
136  /**
137   * @param conf {@link Configuration} from which to check for the timeout
138   * @param type type of snapshot being taken
139   * @param defaultMaxWaitTime Default amount of time to wait, if none is in the configuration
140   * @return the max amount of time the master should wait for a snapshot to complete
141   */
142  public static long getMaxMasterTimeout(Configuration conf, SnapshotDescription.Type type,
143      long defaultMaxWaitTime) {
144    String confKey;
145    switch (type) {
146    case DISABLED:
147    default:
148      confKey = MASTER_SNAPSHOT_TIMEOUT_MILLIS;
149    }
150    return Math.max(conf.getLong(confKey, defaultMaxWaitTime),
151        conf.getLong(MASTER_SNAPSHOT_TIMEOUT_MILLIS, defaultMaxWaitTime));
152  }
153
154  /**
155   * Get the snapshot root directory. All the snapshots are kept under this directory, i.e.
156   * ${hbase.rootdir}/.snapshot
157   * @param rootDir hbase root directory
158   * @return the base directory in which all snapshots are kept
159   */
160  public static Path getSnapshotRootDir(final Path rootDir) {
161    return new Path(rootDir, HConstants.SNAPSHOT_DIR_NAME);
162  }
163
164  /**
165   * Get the directory for a specified snapshot. This directory is a sub-directory of snapshot root
166   * directory and all the data files for a snapshot are kept under this directory.
167   * @param snapshot snapshot being taken
168   * @param rootDir hbase root directory
169   * @return the final directory for the completed snapshot
170   */
171  public static Path getCompletedSnapshotDir(final SnapshotDescription snapshot, final Path rootDir) {
172    return getCompletedSnapshotDir(snapshot.getName(), rootDir);
173  }
174
175  /**
176   * Get the directory for a completed snapshot. This directory is a sub-directory of snapshot root
177   * directory and all the data files for a snapshot are kept under this directory.
178   * @param snapshotName name of the snapshot being taken
179   * @param rootDir hbase root directory
180   * @return the final directory for the completed snapshot
181   */
182  public static Path getCompletedSnapshotDir(final String snapshotName, final Path rootDir) {
183    return getSpecifiedSnapshotDir(getSnapshotsDir(rootDir), snapshotName);
184  }
185
186  /**
187   * Get the general working directory for snapshots - where they are built, where they are
188   * temporarily copied on export, etc.
189   * @param rootDir root directory of the HBase installation
190   * @param conf Configuration of the HBase instance
191   * @return Path to the snapshot tmp directory, relative to the passed root directory
192   */
193  public static Path getWorkingSnapshotDir(final Path rootDir, final Configuration conf) {
194    return new Path(conf.get(SNAPSHOT_WORKING_DIR,
195        getDefaultWorkingSnapshotDir(rootDir).toString()));
196  }
197
198  /**
199   * Get the directory to build a snapshot, before it is finalized
200   * @param snapshot snapshot that will be built
201   * @param rootDir root directory of the hbase installation
202   * @param conf Configuration of the HBase instance
203   * @return {@link Path} where one can build a snapshot
204   */
205  public static Path getWorkingSnapshotDir(SnapshotDescription snapshot, final Path rootDir,
206      Configuration conf) {
207    return getWorkingSnapshotDir(snapshot.getName(), rootDir, conf);
208  }
209
210  /**
211   * Get the directory to build a snapshot, before it is finalized
212   * @param snapshotName name of the snapshot
213   * @param rootDir root directory of the hbase installation
214   * @param conf Configuration of the HBase instance
215   * @return {@link Path} where one can build a snapshot
216   */
217  public static Path getWorkingSnapshotDir(String snapshotName, final Path rootDir,
218      Configuration conf) {
219    return getSpecifiedSnapshotDir(getWorkingSnapshotDir(rootDir, conf), snapshotName);
220  }
221
222  /**
223   * Get the directory within the given filepath to store the snapshot instance
224   * @param snapshotsDir directory to store snapshot directory within
225   * @param snapshotName name of the snapshot to take
226   * @return the final directory for the snapshot in the given filepath
227   */
228  private static final Path getSpecifiedSnapshotDir(final Path snapshotsDir, String snapshotName) {
229    return new Path(snapshotsDir, snapshotName);
230  }
231
232  /**
233   * @param rootDir hbase root directory
234   * @return the directory for all completed snapshots;
235   */
236  public static final Path getSnapshotsDir(Path rootDir) {
237    return new Path(rootDir, HConstants.SNAPSHOT_DIR_NAME);
238  }
239
240  /**
241   * Determines if the given workingDir is a subdirectory of the given "root directory"
242   * @param workingDir a directory to check
243   * @param rootDir root directory of the HBase installation
244   * @return true if the given workingDir is a subdirectory of the given root directory,
245   *   false otherwise
246   */
247  public static boolean isSubDirectoryOf(final Path workingDir, final Path rootDir) {
248    return workingDir.toString().startsWith(rootDir.toString() + Path.SEPARATOR);
249  }
250
251  /**
252   * Determines if the given workingDir is a subdirectory of the default working snapshot directory
253   * @param workingDir a directory to check
254   * @param conf configuration for the HBase cluster
255   * @return true if the given workingDir is a subdirectory of the default working directory for
256   *   snapshots, false otherwise
257   * @throws IOException if we can't get the root dir
258   */
259  public static boolean isWithinDefaultWorkingDir(final Path workingDir, Configuration conf)
260    throws IOException {
261    Path defaultWorkingDir = getDefaultWorkingSnapshotDir(FSUtils.getRootDir(conf));
262    return workingDir.equals(defaultWorkingDir) || isSubDirectoryOf(workingDir, defaultWorkingDir);
263  }
264
265  /**
266   * Get the default working directory for snapshots - where they are built, where they are
267   * temporarily copied on export, etc.
268   * @param rootDir root directory of the HBase installation
269   * @return Path to the default snapshot tmp directory, relative to the passed root directory
270   */
271  private static Path getDefaultWorkingSnapshotDir(final Path rootDir) {
272    return new Path(getSnapshotsDir(rootDir), SNAPSHOT_TMP_DIR_NAME);
273  }
274
275  /**
276   * Convert the passed snapshot description into a 'full' snapshot description based on default
277   * parameters, if none have been supplied. This resolves any 'optional' parameters that aren't
278   * supplied to their default values.
279   * @param snapshot general snapshot descriptor
280   * @param conf Configuration to read configured snapshot defaults if snapshot is not complete
281   * @return a valid snapshot description
282   * @throws IllegalArgumentException if the {@link SnapshotDescription} is not a complete
283   *           {@link SnapshotDescription}.
284   */
285  public static SnapshotDescription validate(SnapshotDescription snapshot, Configuration conf)
286      throws IllegalArgumentException, IOException {
287    if (!snapshot.hasTable()) {
288      throw new IllegalArgumentException(
289          "Descriptor doesn't apply to a table, so we can't build it.");
290    }
291
292    // set the creation time, if one hasn't been set
293    long time = snapshot.getCreationTime();
294    if (time == SnapshotDescriptionUtils.NO_SNAPSHOT_START_TIME_SPECIFIED) {
295      time = EnvironmentEdgeManager.currentTime();
296      LOG.debug("Creation time not specified, setting to:" + time + " (current time:"
297          + EnvironmentEdgeManager.currentTime() + ").");
298      SnapshotDescription.Builder builder = snapshot.toBuilder();
299      builder.setCreationTime(time);
300      snapshot = builder.build();
301    }
302
303    // set the acl to snapshot if security feature is enabled.
304    if (isSecurityAvailable(conf)) {
305      snapshot = writeAclToSnapshotDescription(snapshot, conf);
306    }
307    return snapshot;
308  }
309
310  /**
311   * Write the snapshot description into the working directory of a snapshot
312   * @param snapshot description of the snapshot being taken
313   * @param workingDir working directory of the snapshot
314   * @param fs {@link FileSystem} on which the snapshot should be taken
315   * @throws IOException if we can't reach the filesystem and the file cannot be cleaned up on
316   *           failure
317   */
318  public static void writeSnapshotInfo(SnapshotDescription snapshot, Path workingDir, FileSystem fs)
319      throws IOException {
320    FsPermission perms = FSUtils.getFilePermissions(fs, fs.getConf(),
321      HConstants.DATA_FILE_UMASK_KEY);
322    Path snapshotInfo = new Path(workingDir, SnapshotDescriptionUtils.SNAPSHOTINFO_FILE);
323    try {
324      FSDataOutputStream out = FSUtils.create(fs, snapshotInfo, perms, true);
325      try {
326        snapshot.writeTo(out);
327      } finally {
328        out.close();
329      }
330    } catch (IOException e) {
331      // if we get an exception, try to remove the snapshot info
332      if (!fs.delete(snapshotInfo, false)) {
333        String msg = "Couldn't delete snapshot info file: " + snapshotInfo;
334        LOG.error(msg);
335        throw new IOException(msg);
336      }
337    }
338  }
339
340  /**
341   * Read in the {@link org.apache.hadoop.hbase.protobuf.generated.HBaseProtos.SnapshotDescription} stored for the snapshot in the passed directory
342   * @param fs filesystem where the snapshot was taken
343   * @param snapshotDir directory where the snapshot was stored
344   * @return the stored snapshot description
345   * @throws CorruptedSnapshotException if the
346   * snapshot cannot be read
347   */
348  public static SnapshotDescription readSnapshotInfo(FileSystem fs, Path snapshotDir)
349      throws CorruptedSnapshotException {
350    Path snapshotInfo = new Path(snapshotDir, SNAPSHOTINFO_FILE);
351    try {
352      FSDataInputStream in = null;
353      try {
354        in = fs.open(snapshotInfo);
355        SnapshotDescription desc = SnapshotDescription.parseFrom(in);
356        return desc;
357      } finally {
358        if (in != null) in.close();
359      }
360    } catch (IOException e) {
361      throw new CorruptedSnapshotException("Couldn't read snapshot info from:" + snapshotInfo, e);
362    }
363  }
364
365  /**
366   * Move the finished snapshot to its final, publicly visible directory - this marks the snapshot
367   * as 'complete'.
368   * @param snapshot description of the snapshot being tabken
369   * @param rootdir root directory of the hbase installation
370   * @param workingDir directory where the in progress snapshot was built
371   * @param fs {@link FileSystem} where the snapshot was built
372   * @throws org.apache.hadoop.hbase.snapshot.SnapshotCreationException if the
373   * snapshot could not be moved
374   * @throws IOException the filesystem could not be reached
375   */
376  public static void completeSnapshot(SnapshotDescription snapshot, Path rootdir, Path workingDir,
377      FileSystem fs) throws SnapshotCreationException, IOException {
378    Path finishedDir = getCompletedSnapshotDir(snapshot, rootdir);
379    LOG.debug("Snapshot is done, just moving the snapshot from " + workingDir + " to "
380        + finishedDir);
381    if (!fs.rename(workingDir, finishedDir)) {
382      throw new SnapshotCreationException(
383          "Failed to move working directory(" + workingDir + ") to completed directory("
384              + finishedDir + ").", ProtobufUtil.createSnapshotDesc(snapshot));
385    }
386  }
387
388  /**
389   * Check if the user is this table snapshot's owner
390   * @param snapshot the table snapshot description
391   * @param user the user
392   * @return true if the user is the owner of the snapshot,
393   *         false otherwise or the snapshot owner field is not present.
394   */
395  public static boolean isSnapshotOwner(org.apache.hadoop.hbase.client.SnapshotDescription snapshot,
396      User user) {
397    if (user == null) return false;
398    return user.getShortName().equals(snapshot.getOwner());
399  }
400
401  public static boolean isSecurityAvailable(Configuration conf) throws IOException {
402    try (Connection conn = ConnectionFactory.createConnection(conf)) {
403      try (Admin admin = conn.getAdmin()) {
404        return admin.tableExists(PermissionStorage.ACL_TABLE_NAME);
405      }
406    }
407  }
408
409  private static SnapshotDescription writeAclToSnapshotDescription(SnapshotDescription snapshot,
410      Configuration conf) throws IOException {
411    ListMultimap<String, UserPermission> perms =
412        User.runAsLoginUser(new PrivilegedExceptionAction<ListMultimap<String, UserPermission>>() {
413          @Override
414          public ListMultimap<String, UserPermission> run() throws Exception {
415            return PermissionStorage.getTablePermissions(conf,
416              TableName.valueOf(snapshot.getTable()));
417          }
418        });
419    return snapshot.toBuilder()
420        .setUsersAndPermissions(ShadedAccessControlUtil.toUserTablePermissions(perms)).build();
421  }
422}