Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase;
019
020import java.io.IOException;
021import org.apache.hadoop.conf.Configuration;
022import org.apache.hadoop.hbase.Waiter.Predicate;
023import org.apache.hadoop.hbase.client.Admin;
024import org.apache.hadoop.hbase.client.ColumnFamilyDescriptor;
025import org.apache.hadoop.hbase.client.ColumnFamilyDescriptorBuilder;
026import org.apache.hadoop.hbase.client.TableDescriptor;
027import org.apache.hadoop.hbase.io.crypto.KeyProviderForTesting;
028import org.apache.hadoop.hbase.io.hfile.HFile;
029import org.apache.hadoop.hbase.regionserver.wal.SecureProtobufLogReader;
030import org.apache.hadoop.hbase.regionserver.wal.SecureProtobufLogWriter;
031import org.apache.hadoop.hbase.testclassification.IntegrationTests;
032import org.apache.hadoop.hbase.util.EncryptionTest;
033import org.apache.hadoop.hbase.wal.WAL.Reader;
034import org.apache.hadoop.hbase.wal.WALProvider.Writer;
035import org.apache.hadoop.util.ToolRunner;
036import org.junit.Before;
037import org.junit.experimental.categories.Category;
038import org.slf4j.Logger;
039import org.slf4j.LoggerFactory;
040
041@Category(IntegrationTests.class)
042public class IntegrationTestIngestWithEncryption extends IntegrationTestIngest {
043  private final static Logger LOG =
044    LoggerFactory.getLogger(IntegrationTestIngestWithEncryption.class);
045
046  boolean initialized = false;
047
048  @Override
049  public void setUpCluster() throws Exception {
050    util = getTestingUtil(null);
051    Configuration conf = util.getConfiguration();
052    if (!util.isDistributedCluster()) {
053      // Inject required configuration if we are not running in distributed mode
054      conf.setInt(HFile.FORMAT_VERSION_KEY, 3);
055      conf.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, KeyProviderForTesting.class.getName());
056      conf.set(HConstants.CRYPTO_MASTERKEY_NAME_CONF_KEY, "hbase");
057      conf.setClass("hbase.regionserver.hlog.reader.impl", SecureProtobufLogReader.class,
058        Reader.class);
059      conf.setClass("hbase.regionserver.hlog.writer.impl", SecureProtobufLogWriter.class,
060        Writer.class);
061      conf.setBoolean(HConstants.ENABLE_WAL_ENCRYPTION, true);
062    }
063    // Check if the cluster configuration can support this test
064    try {
065      EncryptionTest.testEncryption(conf, "AES", null);
066    } catch (Exception e) {
067      LOG.warn("Encryption configuration test did not pass, skipping test", e);
068      return;
069    }
070    super.setUpCluster();
071    initialized = true;
072  }
073
074  @Before
075  @Override
076  public void setUp() throws Exception {
077    // Initialize the cluster. This invokes LoadTestTool -init_only, which
078    // will create the test table, appropriately pre-split
079    super.setUp();
080
081    if (!initialized) {
082      return;
083    }
084
085    // Update the test table schema so HFiles from this point will be written with
086    // encryption features enabled.
087    final Admin admin = util.getAdmin();
088    TableDescriptor tableDescriptor = admin.getDescriptor(getTablename());
089    for (ColumnFamilyDescriptor columnDescriptor : tableDescriptor.getColumnFamilies()) {
090      ColumnFamilyDescriptor updatedColumn =
091        ColumnFamilyDescriptorBuilder.newBuilder(columnDescriptor).setEncryptionType("AES").build();
092      LOG.info(
093        "Updating CF schema for " + getTablename() + "." + columnDescriptor.getNameAsString());
094      admin.disableTable(getTablename());
095      admin.modifyColumnFamily(getTablename(), updatedColumn);
096      admin.enableTable(getTablename());
097      util.waitFor(30000, 1000, true, new Predicate<IOException>() {
098        @Override
099        public boolean evaluate() throws IOException {
100          return admin.isTableAvailable(getTablename());
101        }
102      });
103    }
104  }
105
106  @Override
107  public int runTestFromCommandLine() throws Exception {
108    if (!initialized) {
109      return 0;
110    }
111    return super.runTestFromCommandLine();
112  }
113
114  @Override
115  public void cleanUp() throws Exception {
116    if (!initialized) {
117      return;
118    }
119    super.cleanUp();
120  }
121
122  public static void main(String[] args) throws Exception {
123    Configuration conf = HBaseConfiguration.create();
124    IntegrationTestingUtility.setUseDistributedCluster(conf);
125    int ret = ToolRunner.run(conf, new IntegrationTestIngestWithEncryption(), args);
126    System.exit(ret);
127  }
128}