Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.http.jmx;
019
020import java.io.IOException;
021import java.io.PrintWriter;
022import java.lang.management.ManagementFactory;
023import java.util.Iterator;
024import java.util.List;
025import javax.management.MBeanServer;
026import javax.management.MalformedObjectNameException;
027import javax.management.ObjectName;
028import javax.management.openmbean.CompositeData;
029import javax.management.openmbean.TabularData;
030import javax.servlet.ServletException;
031import javax.servlet.http.HttpServlet;
032import javax.servlet.http.HttpServletRequest;
033import javax.servlet.http.HttpServletResponse;
034import org.apache.hadoop.hbase.http.HttpServer;
035import org.apache.hadoop.hbase.util.JSONBean;
036import org.apache.yetus.audience.InterfaceAudience;
037import org.slf4j.Logger;
038import org.slf4j.LoggerFactory;
039
040import org.apache.hbase.thirdparty.com.google.common.base.Splitter;
041
042/*
043 * This servlet is based off of the JMXProxyServlet from Tomcat 7.0.14. It has
044 * been rewritten to be read only and to output in a JSON format so it is not
045 * really that close to the original.
046 */
047/**
048 * Provides Read only web access to JMX.
049 * <p>
050 * This servlet generally will be placed under the /jmx URL for each HttpServer. It provides read
051 * only access to JMX metrics. The optional <code>qry</code> parameter may be used to query only a
052 * subset of the JMX Beans. This query functionality is provided through the
053 * {@link MBeanServer#queryNames(ObjectName, javax.management.QueryExp)} method.
054 * </p>
055 * <p>
056 * For example <code>http://.../jmx?qry=Hadoop:*</code> will return all hadoop metrics exposed
057 * through JMX.
058 * </p>
059 * <p>
060 * The optional <code>get</code> parameter is used to query an specific attribute of a JMX bean. The
061 * format of the URL is <code>http://.../jmx?get=MXBeanName::AttributeName</code>
062 * </p>
063 * <p>
064 * For example <code>
065 * http://../jmx?get=Hadoop:service=NameNode,name=NameNodeInfo::ClusterId
066 * </code> will return the cluster id of the namenode mxbean.
067 * </p>
068 * <p>
069 * If we are not sure on the exact attribute and we want to get all the attributes that match one or
070 * more given pattern then the format is
071 * <code>http://.../jmx?get=MXBeanName::*[RegExp1],*[RegExp2]</code>
072 * </p>
073 * <p>
074 * For example <code>
075 * <p>
076 * http://../jmx?get=Hadoop:service=HBase,name=RegionServer,sub=Tables::[a-zA-z_0-9]*memStoreSize
077 * </p>
078 * <p>
079 * http://../jmx?get=Hadoop:service=HBase,name=RegionServer,sub=Tables::[a-zA-z_0-9]*memStoreSize,[a-zA-z_0-9]*storeFileSize
080 * </p>
081 * </code>
082 * </p>
083 * If the <code>qry</code> or the <code>get</code> parameter is not formatted correctly then a 400
084 * BAD REQUEST http response code will be returned.
085 * </p>
086 * <p>
087 * If a resouce such as a mbean or attribute can not be found, a 404 SC_NOT_FOUND http response code
088 * will be returned.
089 * </p>
090 * <p>
091 * The return format is JSON and in the form
092 * </p>
093 *
094 * <pre>
095 * <code>
096 *  {
097 *    "beans" : [
098 *      {
099 *        "name":"bean-name"
100 *        ...
101 *      }
102 *    ]
103 *  }
104 *  </code>
105 * </pre>
106 * <p>
107 * The servlet attempts to convert the the JMXBeans into JSON. Each bean's attributes will be
108 * converted to a JSON object member. If the attribute is a boolean, a number, a string, or an array
109 * it will be converted to the JSON equivalent. If the value is a {@link CompositeData} then it will
110 * be converted to a JSON object with the keys as the name of the JSON member and the value is
111 * converted following these same rules. If the value is a {@link TabularData} then it will be
112 * converted to an array of the {@link CompositeData} elements that it contains. All other objects
113 * will be converted to a string and output as such. The bean's name and modelerType will be
114 * returned for all beans. Optional paramater "callback" should be used to deliver JSONP response.
115 * </p>
116 */
117@InterfaceAudience.Private
118public class JMXJsonServlet extends HttpServlet {
119  private static final Logger LOG = LoggerFactory.getLogger(JMXJsonServlet.class);
120
121  private static final long serialVersionUID = 1L;
122
123  private static final String CALLBACK_PARAM = "callback";
124  /**
125   * If query string includes 'description', then we will emit bean and attribute descriptions to
126   * output IFF they are not null and IFF the description is not the same as the attribute name:
127   * i.e. specify a URL like so: /jmx?description=true
128   */
129  private static final String INCLUDE_DESCRIPTION = "description";
130
131  /**
132   * MBean server.
133   */
134  protected transient MBeanServer mBeanServer;
135
136  protected transient JSONBean jsonBeanWriter;
137
138  /**
139   * Initialize this servlet.
140   */
141  @Override
142  public void init() throws ServletException {
143    // Retrieve the MBean server
144    mBeanServer = ManagementFactory.getPlatformMBeanServer();
145    this.jsonBeanWriter = new JSONBean();
146  }
147
148  /**
149   * Process a GET request for the specified resource. n * The servlet request we are processing n *
150   * The servlet response we are creating
151   */
152  @Override
153  public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
154    try {
155      if (!HttpServer.isInstrumentationAccessAllowed(getServletContext(), request, response)) {
156        return;
157      }
158      String jsonpcb = null;
159      PrintWriter writer = null;
160      JSONBean.Writer beanWriter = null;
161      try {
162        jsonpcb = checkCallbackName(request.getParameter(CALLBACK_PARAM));
163        writer = response.getWriter();
164
165        // "callback" parameter implies JSONP outpout
166        if (jsonpcb != null) {
167          response.setContentType("application/javascript; charset=utf8");
168          writer.write(jsonpcb + "(");
169        } else {
170          response.setContentType("application/json; charset=utf8");
171        }
172        beanWriter = this.jsonBeanWriter.open(writer);
173        // Should we output description on each attribute and bean?
174        String tmpStr = request.getParameter(INCLUDE_DESCRIPTION);
175        boolean description = tmpStr != null && tmpStr.length() > 0;
176
177        // query per mbean attribute
178        String getmethod = request.getParameter("get");
179        if (getmethod != null) {
180          List<String> splitStrings = Splitter.onPattern("\\:\\:").splitToList(getmethod);
181          if (splitStrings.size() != 2) {
182            beanWriter.write("result", "ERROR");
183            beanWriter.write("message", "query format is not as expected.");
184            beanWriter.flush();
185            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
186            return;
187          }
188          Iterator<String> i = splitStrings.iterator();
189          if (
190            beanWriter.write(this.mBeanServer, new ObjectName(i.next()), i.next(), description) != 0
191          ) {
192            beanWriter.flush();
193            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
194          }
195          return;
196        }
197
198        // query per mbean
199        String qry = request.getParameter("qry");
200        if (qry == null) {
201          qry = "*:*";
202        }
203        if (beanWriter.write(this.mBeanServer, new ObjectName(qry), null, description) != 0) {
204          beanWriter.flush();
205          response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
206        }
207      } finally {
208        if (beanWriter != null) {
209          beanWriter.close();
210        }
211        if (jsonpcb != null) {
212          writer.write(");");
213        }
214        if (writer != null) {
215          writer.close();
216        }
217      }
218    } catch (IOException e) {
219      LOG.error("Caught an exception while processing JMX request", e);
220      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
221    } catch (MalformedObjectNameException e) {
222      LOG.error("Caught an exception while processing JMX request", e);
223      response.sendError(HttpServletResponse.SC_BAD_REQUEST);
224    }
225  }
226
227  /**
228   * Verifies that the callback property, if provided, is purely alphanumeric. This prevents a
229   * malicious callback name (that is javascript code) from being returned by the UI to an
230   * unsuspecting user.
231   * @param callbackName The callback name, can be null.
232   * @return The callback name
233   * @throws IOException If the name is disallowed.
234   */
235  private String checkCallbackName(String callbackName) throws IOException {
236    if (null == callbackName) {
237      return null;
238    }
239    if (callbackName.matches("[A-Za-z0-9_]+")) {
240      return callbackName;
241    }
242    throw new IOException("'callback' must be alphanumeric");
243  }
244}