Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.wal;
019
020import static org.junit.Assert.assertEquals;
021import static org.junit.Assert.assertFalse;
022import static org.junit.Assert.assertTrue;
023
024import java.util.Arrays;
025import java.util.List;
026import java.util.NavigableMap;
027import java.util.TreeMap;
028import org.apache.commons.io.IOUtils;
029import org.apache.hadoop.conf.Configuration;
030import org.apache.hadoop.fs.FSDataInputStream;
031import org.apache.hadoop.fs.FileSystem;
032import org.apache.hadoop.fs.Path;
033import org.apache.hadoop.hbase.Cell;
034import org.apache.hadoop.hbase.HBaseClassTestRule;
035import org.apache.hadoop.hbase.HBaseTestingUtility;
036import org.apache.hadoop.hbase.HConstants;
037import org.apache.hadoop.hbase.KeyValue;
038import org.apache.hadoop.hbase.TableName;
039import org.apache.hadoop.hbase.client.RegionInfo;
040import org.apache.hadoop.hbase.client.RegionInfoBuilder;
041import org.apache.hadoop.hbase.io.crypto.KeyProviderForTesting;
042import org.apache.hadoop.hbase.regionserver.MultiVersionConcurrencyControl;
043import org.apache.hadoop.hbase.regionserver.wal.SecureAsyncProtobufLogWriter;
044import org.apache.hadoop.hbase.regionserver.wal.SecureProtobufLogReader;
045import org.apache.hadoop.hbase.regionserver.wal.SecureProtobufLogWriter;
046import org.apache.hadoop.hbase.testclassification.MediumTests;
047import org.apache.hadoop.hbase.testclassification.RegionServerTests;
048import org.apache.hadoop.hbase.util.Bytes;
049import org.apache.hadoop.hbase.util.CommonFSUtils;
050import org.apache.hadoop.hbase.util.EnvironmentEdgeManager;
051import org.junit.AfterClass;
052import org.junit.Before;
053import org.junit.BeforeClass;
054import org.junit.ClassRule;
055import org.junit.Rule;
056import org.junit.Test;
057import org.junit.experimental.categories.Category;
058import org.junit.rules.TestName;
059import org.junit.runner.RunWith;
060import org.junit.runners.Parameterized;
061import org.junit.runners.Parameterized.Parameter;
062import org.junit.runners.Parameterized.Parameters;
063
064@RunWith(Parameterized.class)
065@Category({ RegionServerTests.class, MediumTests.class })
066public class TestSecureWAL {
067
068  @ClassRule
069  public static final HBaseClassTestRule CLASS_RULE =
070    HBaseClassTestRule.forClass(TestSecureWAL.class);
071
072  static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
073
074  @Rule
075  public TestName name = new TestName();
076
077  @Parameter
078  public String walProvider;
079
080  @Parameters(name = "{index}: provider={0}")
081  public static Iterable<Object[]> data() {
082    return Arrays.asList(new Object[] { "defaultProvider" }, new Object[] { "asyncfs" });
083  }
084
085  @BeforeClass
086  public static void setUpBeforeClass() throws Exception {
087    Configuration conf = TEST_UTIL.getConfiguration();
088    conf.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, KeyProviderForTesting.class.getName());
089    conf.set(HConstants.CRYPTO_MASTERKEY_NAME_CONF_KEY, "hbase");
090    conf.setClass("hbase.regionserver.hlog.reader.impl", SecureProtobufLogReader.class,
091      WAL.Reader.class);
092    conf.setClass("hbase.regionserver.hlog.writer.impl", SecureProtobufLogWriter.class,
093      WALProvider.Writer.class);
094    conf.setClass("hbase.regionserver.hlog.async.writer.impl", SecureAsyncProtobufLogWriter.class,
095      WALProvider.AsyncWriter.class);
096    conf.setBoolean(HConstants.ENABLE_WAL_ENCRYPTION, true);
097    CommonFSUtils.setRootDir(conf, TEST_UTIL.getDataTestDirOnTestFS());
098    TEST_UTIL.startMiniDFSCluster(3);
099  }
100
101  @AfterClass
102  public static void tearDownAfterClass() throws Exception {
103    TEST_UTIL.shutdownMiniCluster();
104  }
105
106  @Before
107  public void setUp() {
108    TEST_UTIL.getConfiguration().set(WALFactory.WAL_PROVIDER, walProvider);
109  }
110
111  @Test
112  public void testSecureWAL() throws Exception {
113    TableName tableName = TableName.valueOf(name.getMethodName().replaceAll("[^a-zA-Z0-9]", "_"));
114    NavigableMap<byte[], Integer> scopes = new TreeMap<>(Bytes.BYTES_COMPARATOR);
115    scopes.put(tableName.getName(), 0);
116    RegionInfo regionInfo = RegionInfoBuilder.newBuilder(tableName).build();
117    final int total = 10;
118    final byte[] row = Bytes.toBytes("row");
119    final byte[] family = Bytes.toBytes("family");
120    final byte[] value = Bytes.toBytes("Test value");
121    FileSystem fs = TEST_UTIL.getDFSCluster().getFileSystem();
122    final WALFactory wals =
123      new WALFactory(TEST_UTIL.getConfiguration(), tableName.getNameAsString());
124
125    // Write the WAL
126    final WAL wal = wals.getWAL(regionInfo);
127
128    MultiVersionConcurrencyControl mvcc = new MultiVersionConcurrencyControl();
129
130    for (int i = 0; i < total; i++) {
131      WALEdit kvs = new WALEdit();
132      kvs.add(new KeyValue(row, family, Bytes.toBytes(i), value));
133      wal.appendData(regionInfo, new WALKeyImpl(regionInfo.getEncodedNameAsBytes(), tableName,
134        EnvironmentEdgeManager.currentTime(), mvcc, scopes), kvs);
135    }
136    wal.sync();
137    final Path walPath = AbstractFSWALProvider.getCurrentFileName(wal);
138    wals.shutdown();
139
140    // Insure edits are not plaintext
141    long length = fs.getFileStatus(walPath).getLen();
142    FSDataInputStream in = fs.open(walPath);
143    byte[] fileData = new byte[(int) length];
144    IOUtils.readFully(in, fileData);
145    in.close();
146    assertFalse("Cells appear to be plaintext", Bytes.contains(fileData, value));
147
148    // Confirm the WAL can be read back
149    WAL.Reader reader = wals.createReader(TEST_UTIL.getTestFileSystem(), walPath);
150    int count = 0;
151    WAL.Entry entry = new WAL.Entry();
152    while (reader.next(entry) != null) {
153      count++;
154      List<Cell> cells = entry.getEdit().getCells();
155      assertTrue("Should be one KV per WALEdit", cells.size() == 1);
156      for (Cell cell : cells) {
157        assertTrue("Incorrect row", Bytes.equals(cell.getRowArray(), cell.getRowOffset(),
158          cell.getRowLength(), row, 0, row.length));
159        assertTrue("Incorrect family", Bytes.equals(cell.getFamilyArray(), cell.getFamilyOffset(),
160          cell.getFamilyLength(), family, 0, family.length));
161        assertTrue("Incorrect value", Bytes.equals(cell.getValueArray(), cell.getValueOffset(),
162          cell.getValueLength(), value, 0, value.length));
163      }
164    }
165    assertEquals("Should have read back as many KVs as written", total, count);
166    reader.close();
167  }
168}