001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase;
019
020import java.io.IOException;
021
022import org.apache.hadoop.conf.Configuration;
023import org.apache.hadoop.hbase.Waiter.Predicate;
024import org.apache.hadoop.hbase.client.Admin;
025import org.apache.hadoop.hbase.client.ColumnFamilyDescriptor;
026import org.apache.hadoop.hbase.client.ColumnFamilyDescriptorBuilder;
027import org.apache.hadoop.hbase.client.TableDescriptor;
028import org.apache.hadoop.hbase.io.crypto.KeyProviderForTesting;
029import org.apache.hadoop.hbase.io.hfile.HFile;
030import org.apache.hadoop.hbase.wal.WAL.Reader;
031import org.apache.hadoop.hbase.wal.WALProvider.Writer;
032import org.apache.hadoop.hbase.regionserver.wal.SecureProtobufLogReader;
033import org.apache.hadoop.hbase.regionserver.wal.SecureProtobufLogWriter;
034import org.apache.hadoop.hbase.testclassification.IntegrationTests;
035import org.apache.hadoop.hbase.util.EncryptionTest;
036import org.apache.hadoop.util.ToolRunner;
037import org.junit.Before;
038import org.junit.experimental.categories.Category;
039import org.slf4j.Logger;
040import org.slf4j.LoggerFactory;
041
042@Category(IntegrationTests.class)
043public class IntegrationTestIngestWithEncryption extends IntegrationTestIngest {
044  private final static Logger LOG =
045      LoggerFactory.getLogger(IntegrationTestIngestWithEncryption.class);
046
047  boolean initialized = false;
048
049  @Override
050  public void setUpCluster() throws Exception {
051    util = getTestingUtil(null);
052    Configuration conf = util.getConfiguration();
053    if (!util.isDistributedCluster()) {
054      // Inject required configuration if we are not running in distributed mode
055      conf.setInt(HFile.FORMAT_VERSION_KEY, 3);
056      conf.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, KeyProviderForTesting.class.getName());
057      conf.set(HConstants.CRYPTO_MASTERKEY_NAME_CONF_KEY, "hbase");
058      conf.setClass("hbase.regionserver.hlog.reader.impl", SecureProtobufLogReader.class,
059        Reader.class);
060      conf.setClass("hbase.regionserver.hlog.writer.impl", SecureProtobufLogWriter.class,
061        Writer.class);
062      conf.setBoolean(HConstants.ENABLE_WAL_ENCRYPTION, true);
063    }
064    // Check if the cluster configuration can support this test
065    try {
066      EncryptionTest.testEncryption(conf, "AES", null);
067    } catch (Exception e) {
068      LOG.warn("Encryption configuration test did not pass, skipping test", e);
069      return;
070    }
071    super.setUpCluster();
072    initialized = true;
073  }
074
075  @Before
076  @Override
077  public void setUp() throws Exception {
078    // Initialize the cluster. This invokes LoadTestTool -init_only, which
079    // will create the test table, appropriately pre-split
080    super.setUp();
081
082    if (!initialized) {
083      return;
084    }
085
086    // Update the test table schema so HFiles from this point will be written with
087    // encryption features enabled.
088    final Admin admin = util.getAdmin();
089    TableDescriptor tableDescriptor = admin.getDescriptor(getTablename());
090    for (ColumnFamilyDescriptor columnDescriptor : tableDescriptor.getColumnFamilies()) {
091      ColumnFamilyDescriptor updatedColumn = ColumnFamilyDescriptorBuilder
092          .newBuilder(columnDescriptor).setEncryptionType("AES").build();
093      LOG.info(
094        "Updating CF schema for " + getTablename() + "." + columnDescriptor.getNameAsString());
095      admin.disableTable(getTablename());
096      admin.modifyColumnFamily(getTablename(), updatedColumn);
097      admin.enableTable(getTablename());
098      util.waitFor(30000, 1000, true, new Predicate<IOException>() {
099        @Override
100        public boolean evaluate() throws IOException {
101          return admin.isTableAvailable(getTablename());
102        }
103      });
104    }
105  }
106
107  @Override
108  public int runTestFromCommandLine() throws Exception {
109    if (!initialized) {
110      return 0;
111    }
112    return super.runTestFromCommandLine();
113  }
114
115  @Override
116  public void cleanUp() throws Exception {
117    if (!initialized) {
118      return;
119    }
120    super.cleanUp();
121  }
122
123  public static void main(String[] args) throws Exception {
124    Configuration conf = HBaseConfiguration.create();
125    IntegrationTestingUtility.setUseDistributedCluster(conf);
126    int ret = ToolRunner.run(conf, new IntegrationTestIngestWithEncryption(), args);
127    System.exit(ret);
128  }
129}