HDFS-7942. NFS: support regexp grouping in nfs.exports.allowed.hosts. Contributed by Brandon Li
This commit is contained in:
parent
82eda771e0
commit
36af4a913c
@ -391,7 +391,7 @@ private static Match getMatch(String line) {
|
||||
return new CIDRMatch(privilege,
|
||||
new SubnetUtils(pair[0], pair[1]).getInfo());
|
||||
} else if (host.contains("*") || host.contains("?") || host.contains("[")
|
||||
|| host.contains("]")) {
|
||||
|| host.contains("]") || host.contains("(") || host.contains(")")) {
|
||||
if (LOG.isDebugEnabled()) {
|
||||
LOG.debug("Using Regex match for '" + host + "' and " + privilege);
|
||||
}
|
||||
|
@ -23,8 +23,8 @@
|
||||
|
||||
public class TestNfsExports {
|
||||
|
||||
private final String address1 = "192.168.0.1";
|
||||
private final String address2 = "10.0.0.1";
|
||||
private final String address1 = "192.168.0.12";
|
||||
private final String address2 = "10.0.0.12";
|
||||
private final String hostname1 = "a.b.com";
|
||||
private final String hostname2 = "a.b.org";
|
||||
|
||||
@ -164,6 +164,24 @@ public void testRegexHostRO() {
|
||||
matcher.getAccessPrivilege(address1, hostname2));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRegexGrouping() {
|
||||
NfsExports matcher = new NfsExports(CacheSize, ExpirationPeriod,
|
||||
"192.168.0.(12|34)");
|
||||
Assert.assertEquals(AccessPrivilege.READ_ONLY,
|
||||
matcher.getAccessPrivilege(address1, hostname1));
|
||||
// address1 will hit the cache
|
||||
Assert.assertEquals(AccessPrivilege.READ_ONLY,
|
||||
matcher.getAccessPrivilege(address1, hostname2));
|
||||
|
||||
matcher = new NfsExports(CacheSize, ExpirationPeriod, "\\w*.a.b.com");
|
||||
Assert.assertEquals(AccessPrivilege.READ_ONLY,
|
||||
matcher.getAccessPrivilege("1.2.3.4", "web.a.b.com"));
|
||||
// address "1.2.3.4" will hit the cache
|
||||
Assert.assertEquals(AccessPrivilege.READ_ONLY,
|
||||
matcher.getAccessPrivilege("1.2.3.4", "email.a.b.org"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testMultiMatchers() throws Exception {
|
||||
long shortExpirationPeriod = 1 * 1000 * 1000 * 1000; // 1s
|
||||
|
@ -1232,6 +1232,8 @@ Release 2.7.0 - UNRELEASED
|
||||
HDFS-6841. Use Time.monotonicNow() wherever applicable instead of Time.now()
|
||||
(Vinayakumar B via kihwal)
|
||||
|
||||
HDFS-7942. NFS: support regexp grouping in nfs.exports.allowed.hosts (brandonli)
|
||||
|
||||
BREAKDOWN OF HDFS-7584 SUBTASKS AND RELATED JIRAS
|
||||
|
||||
HDFS-7720. Quota by Storage Type API, tools and ClientNameNode
|
||||
|
@ -144,10 +144,12 @@ It's strongly recommended for the users to update a few configuration properties
|
||||
* By default, the export can be mounted by any client. To better control the access,
|
||||
users can update the following property. The value string contains machine name and
|
||||
access privilege, separated by whitespace
|
||||
characters. The machine name format can be a single host, a Java regular expression, or an IPv4 address. The access
|
||||
characters. The machine name format can be a single host, a "*", a Java regular expression, or an IPv4 address. The access
|
||||
privilege uses rw or ro to specify read/write or read-only access of the machines to exports. If the access privilege is not provided, the default is read-only. Entries are separated by ";".
|
||||
For example: "192.168.0.0/22 rw ; host.\*\\.example\\.com ; host1.test.org ro;". Only the NFS gateway needs to restart after
|
||||
this property is updated.
|
||||
For example: "192.168.0.0/22 rw ; \\\\w\*\\\\.example\\\\.com ; host1.test.org ro;". Only the NFS gateway needs to restart after
|
||||
this property is updated. Note that, here Java regular expression is differnt with the regrulation expression used in
|
||||
Linux NFS export table, such as, using "\\\\w\*\\\\.example\\\\.com" instead of "\*.example.com", "192\\\\.168\\\\.0\\\\.(11|22)"
|
||||
instead of "192.168.0.[11|22]" and so on.
|
||||
|
||||
<property>
|
||||
<name>nfs.exports.allowed.hosts</name>
|
||||
|
Loading…
Reference in New Issue
Block a user