Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.ipc;
019
020import java.io.IOException;
021import java.net.InetSocketAddress;
022import java.net.UnknownHostException;
023import java.util.concurrent.TimeUnit;
024import org.apache.hadoop.conf.Configuration;
025import org.apache.hadoop.hbase.HConstants;
026import org.apache.hadoop.hbase.client.MetricsConnection;
027import org.apache.hadoop.hbase.codec.Codec;
028import org.apache.hadoop.hbase.net.Address;
029import org.apache.hadoop.hbase.security.SecurityInfo;
030import org.apache.hadoop.hbase.security.User;
031import org.apache.hadoop.hbase.security.provider.SaslClientAuthenticationProvider;
032import org.apache.hadoop.hbase.security.provider.SaslClientAuthenticationProviders;
033import org.apache.hadoop.hbase.util.EnvironmentEdgeManager;
034import org.apache.hadoop.hbase.util.Pair;
035import org.apache.hadoop.io.compress.CompressionCodec;
036import org.apache.hadoop.security.token.Token;
037import org.apache.hadoop.security.token.TokenIdentifier;
038import org.apache.yetus.audience.InterfaceAudience;
039import org.slf4j.Logger;
040import org.slf4j.LoggerFactory;
041
042import org.apache.hbase.thirdparty.io.netty.util.HashedWheelTimer;
043import org.apache.hbase.thirdparty.io.netty.util.Timeout;
044import org.apache.hbase.thirdparty.io.netty.util.TimerTask;
045
046import org.apache.hadoop.hbase.shaded.protobuf.ProtobufUtil;
047import org.apache.hadoop.hbase.shaded.protobuf.generated.RPCProtos.ConnectionHeader;
048import org.apache.hadoop.hbase.shaded.protobuf.generated.RPCProtos.UserInformation;
049
050/**
051 * Base class for ipc connection.
052 */
053@InterfaceAudience.Private
054abstract class RpcConnection {
055
056  private static final Logger LOG = LoggerFactory.getLogger(RpcConnection.class);
057
058  protected final ConnectionId remoteId;
059
060  protected final boolean useSasl;
061
062  protected final Token<? extends TokenIdentifier> token;
063
064  protected final SecurityInfo securityInfo;
065
066  protected final int reloginMaxBackoff; // max pause before relogin on sasl failure
067
068  protected final Codec codec;
069
070  protected final CompressionCodec compressor;
071
072  protected final MetricsConnection metrics;
073
074  protected final HashedWheelTimer timeoutTimer;
075
076  protected final Configuration conf;
077
078  protected static String CRYPTO_AES_ENABLED_KEY = "hbase.rpc.crypto.encryption.aes.enabled";
079
080  protected static boolean CRYPTO_AES_ENABLED_DEFAULT = false;
081
082  // the last time we were picked up from connection pool.
083  protected long lastTouched;
084
085  protected SaslClientAuthenticationProvider provider;
086
087  protected RpcConnection(Configuration conf, HashedWheelTimer timeoutTimer, ConnectionId remoteId,
088    String clusterId, boolean isSecurityEnabled, Codec codec, CompressionCodec compressor,
089    MetricsConnection metrics) throws IOException {
090    this.timeoutTimer = timeoutTimer;
091    this.codec = codec;
092    this.compressor = compressor;
093    this.conf = conf;
094    this.metrics = metrics;
095    User ticket = remoteId.getTicket();
096    this.securityInfo = SecurityInfo.getInfo(remoteId.getServiceName());
097    this.useSasl = isSecurityEnabled;
098
099    // Choose the correct Token and AuthenticationProvider for this client to use
100    SaslClientAuthenticationProviders providers =
101      SaslClientAuthenticationProviders.getInstance(conf);
102    Pair<SaslClientAuthenticationProvider, Token<? extends TokenIdentifier>> pair;
103    if (useSasl && securityInfo != null) {
104      pair = providers.selectProvider(clusterId, ticket);
105      if (pair == null) {
106        if (LOG.isTraceEnabled()) {
107          LOG.trace("Found no valid authentication method from providers={} with tokens={}",
108            providers.toString(), ticket.getTokens());
109        }
110        throw new RuntimeException("Found no valid authentication method from options");
111      }
112    } else if (!useSasl) {
113      // Hack, while SIMPLE doesn't go via SASL.
114      pair = providers.getSimpleProvider();
115    } else {
116      throw new RuntimeException("Could not compute valid client authentication provider");
117    }
118
119    this.provider = pair.getFirst();
120    this.token = pair.getSecond();
121
122    LOG.debug("Using {} authentication for service={}, sasl={}",
123      provider.getSaslAuthMethod().getName(), remoteId.serviceName, useSasl);
124    reloginMaxBackoff = conf.getInt("hbase.security.relogin.maxbackoff", 5000);
125    this.remoteId = remoteId;
126  }
127
128  protected final void scheduleTimeoutTask(final Call call) {
129    if (call.timeout > 0) {
130      call.timeoutTask = timeoutTimer.newTimeout(new TimerTask() {
131
132        @Override
133        public void run(Timeout timeout) throws Exception {
134          call.setTimeout(new CallTimeoutException(call.toShortString() + ", waitTime="
135            + (EnvironmentEdgeManager.currentTime() - call.getStartTime()) + "ms, rpcTimeout="
136            + call.timeout + "ms"));
137          callTimeout(call);
138        }
139      }, call.timeout, TimeUnit.MILLISECONDS);
140    }
141  }
142
143  protected final byte[] getConnectionHeaderPreamble() {
144    // Assemble the preamble up in a buffer first and then send it. Writing individual elements,
145    // they are getting sent across piecemeal according to wireshark and then server is messing
146    // up the reading on occasion (the passed in stream is not buffered yet).
147
148    // Preamble is six bytes -- 'HBas' + VERSION + AUTH_CODE
149    int rpcHeaderLen = HConstants.RPC_HEADER.length;
150    byte[] preamble = new byte[rpcHeaderLen + 2];
151    System.arraycopy(HConstants.RPC_HEADER, 0, preamble, 0, rpcHeaderLen);
152    preamble[rpcHeaderLen] = HConstants.RPC_CURRENT_VERSION;
153    synchronized (this) {
154      preamble[rpcHeaderLen + 1] = provider.getSaslAuthMethod().getCode();
155    }
156    return preamble;
157  }
158
159  protected final ConnectionHeader getConnectionHeader() {
160    final ConnectionHeader.Builder builder = ConnectionHeader.newBuilder();
161    builder.setServiceName(remoteId.getServiceName());
162    final UserInformation userInfoPB = provider.getUserInfo(remoteId.ticket);
163    if (userInfoPB != null) {
164      builder.setUserInfo(userInfoPB);
165    }
166    if (this.codec != null) {
167      builder.setCellBlockCodecClass(this.codec.getClass().getCanonicalName());
168    }
169    if (this.compressor != null) {
170      builder.setCellBlockCompressorClass(this.compressor.getClass().getCanonicalName());
171    }
172    builder.setVersionInfo(ProtobufUtil.getVersionInfo());
173    boolean isCryptoAESEnable = conf.getBoolean(CRYPTO_AES_ENABLED_KEY, CRYPTO_AES_ENABLED_DEFAULT);
174    // if Crypto AES enable, setup Cipher transformation
175    if (isCryptoAESEnable) {
176      builder.setRpcCryptoCipherTransformation(
177        conf.get("hbase.rpc.crypto.encryption.aes.cipher.transform", "AES/CTR/NoPadding"));
178    }
179    return builder.build();
180  }
181
182  protected final InetSocketAddress getRemoteInetAddress(MetricsConnection metrics)
183    throws UnknownHostException {
184    if (metrics != null) {
185      metrics.incrNsLookups();
186    }
187    InetSocketAddress remoteAddr = Address.toSocketAddress(remoteId.getAddress());
188    if (remoteAddr.isUnresolved()) {
189      if (metrics != null) {
190        metrics.incrNsLookupsFailed();
191      }
192      throw new UnknownHostException(remoteId.getAddress() + " could not be resolved");
193    }
194    return remoteAddr;
195  }
196
197  protected abstract void callTimeout(Call call);
198
199  public ConnectionId remoteId() {
200    return remoteId;
201  }
202
203  public long getLastTouched() {
204    return lastTouched;
205  }
206
207  public void setLastTouched(long lastTouched) {
208    this.lastTouched = lastTouched;
209  }
210
211  /**
212   * Tell the idle connection sweeper whether we could be swept.
213   */
214  public abstract boolean isActive();
215
216  /**
217   * Just close connection. Do not need to remove from connection pool.
218   */
219  public abstract void shutdown();
220
221  public abstract void sendRequest(Call call, HBaseRpcController hrc) throws IOException;
222
223  /**
224   * Does the clean up work after the connection is removed from the connection pool
225   */
226  public abstract void cleanupConnection();
227}