From b1e55cfb557056306db92b4a74f7b0288fd193ee Mon Sep 17 00:00:00 2001 From: Inigo Goiri Date: Thu, 26 Sep 2019 15:26:23 -0700 Subject: [PATCH] HDFS-14461. RBF: Fix intermittently failing kerberos related unit test. Contributed by Xiaoqiao He. --- .../fs/contract/router/RouterHDFSContract.java | 17 +++++++++++++---- .../fs/contract/router/SecurityConfUtil.java | 15 +++++++++++++-- .../TestRouterHDFSContractAppendSecure.java | 4 +--- .../TestRouterHDFSContractConcatSecure.java | 5 +---- .../TestRouterHDFSContractCreateSecure.java | 5 +---- .../TestRouterHDFSContractDelegationToken.java | 2 +- .../TestRouterHDFSContractDeleteSecure.java | 4 +--- ...stRouterHDFSContractGetFileStatusSecure.java | 5 +---- .../TestRouterHDFSContractMkdirSecure.java | 5 +---- .../TestRouterHDFSContractOpenSecure.java | 5 +---- .../TestRouterHDFSContractRenameSecure.java | 5 +---- ...stRouterHDFSContractRootDirectorySecure.java | 5 +---- .../TestRouterHDFSContractSeekSecure.java | 5 +---- .../TestRouterHDFSContractSetTimesSecure.java | 5 +---- .../security/TestRouterHttpDelegationToken.java | 1 + 15 files changed, 39 insertions(+), 49 deletions(-) diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/RouterHDFSContract.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/RouterHDFSContract.java index eaf874b185..472a7894e5 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/RouterHDFSContract.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/RouterHDFSContract.java @@ -43,16 +43,20 @@ public RouterHDFSContract(Configuration conf) { } public static void createCluster() throws IOException { - createCluster(null); + createCluster(false); } - public static void createCluster(Configuration conf) throws IOException { - createCluster(true, 2, conf); + public static void createCluster(boolean security) throws IOException { + createCluster(true, 2, security); } public static void createCluster( - boolean ha, int numNameServices, Configuration conf) throws IOException { + boolean ha, int numNameServices, boolean security) throws IOException { try { + Configuration conf = null; + if (security) { + conf = SecurityConfUtil.initSecurity(); + } cluster = new MiniRouterDFSCluster(ha, numNameServices, conf); // Start NNs and DNs and wait until ready @@ -88,6 +92,11 @@ public static void destroyCluster() throws IOException { cluster.shutdown(); cluster = null; } + try { + SecurityConfUtil.destroy(); + } catch (Exception e) { + throw new IOException("Cannot destroy security context", e); + } } public static MiniDFSCluster getCluster() { diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/SecurityConfUtil.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/SecurityConfUtil.java index 6154eee81f..47ab0d2707 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/SecurityConfUtil.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/SecurityConfUtil.java @@ -65,6 +65,9 @@ public final class SecurityConfUtil { private static final String ROUTER_USER_NAME = "router"; private static final String PREFIX = "hadoop.http.authentication."; + private static MiniKdc kdc; + private static File baseDir; + private static String spnegoPrincipal; private static String routerPrincipal; @@ -78,14 +81,14 @@ public static String getRouterUserName() { public static Configuration initSecurity() throws Exception { // delete old test dir - File baseDir = GenericTestUtils.getTestDir( + baseDir = GenericTestUtils.getTestDir( SecurityConfUtil.class.getSimpleName()); FileUtil.fullyDelete(baseDir); assertTrue(baseDir.mkdirs()); // start a mini kdc with default conf Properties kdcConf = MiniKdc.createConf(); - MiniKdc kdc = new MiniKdc(kdcConf, baseDir); + kdc = new MiniKdc(kdcConf, baseDir); kdc.start(); Configuration conf = new HdfsConfiguration(); @@ -156,4 +159,12 @@ public static Configuration initSecurity() throws Exception { return conf; } + + public static void destroy() throws Exception { + if (kdc != null) { + kdc.stop(); + FileUtil.fullyDelete(baseDir); + KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir); + } + } } diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractAppendSecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractAppendSecure.java index fe4951db0b..33f59f02f7 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractAppendSecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractAppendSecure.java @@ -21,8 +21,6 @@ import org.junit.AfterClass; import org.junit.BeforeClass; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - /** * Test secure append operations on the Router-based FS. */ @@ -31,7 +29,7 @@ public class TestRouterHDFSContractAppendSecure @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractConcatSecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractConcatSecure.java index c9a0cc8f21..d45f639c99 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractConcatSecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractConcatSecure.java @@ -23,9 +23,6 @@ import java.io.IOException; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - - /** * Test secure concat operations on the Router-based FS. */ @@ -34,7 +31,7 @@ public class TestRouterHDFSContractConcatSecure @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); // perform a simple operation on the cluster to verify it is up RouterHDFSContract.getFileSystem().getDefaultBlockSize(new Path("/")); } diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractCreateSecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractCreateSecure.java index dc264b0d59..9327c1ba86 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractCreateSecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractCreateSecure.java @@ -22,9 +22,6 @@ import java.io.IOException; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - - /** * Test secure create operations on the Router-based FS. */ @@ -33,7 +30,7 @@ public class TestRouterHDFSContractCreateSecure @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractDelegationToken.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractDelegationToken.java index f22489e496..77cb602ae0 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractDelegationToken.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractDelegationToken.java @@ -46,7 +46,7 @@ public class TestRouterHDFSContractDelegationToken @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(false, 1, initSecurity()); + RouterHDFSContract.createCluster(false, 1, true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractDeleteSecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractDeleteSecure.java index 57cc138618..43af1a7900 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractDeleteSecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractDeleteSecure.java @@ -21,8 +21,6 @@ import org.junit.AfterClass; import org.junit.BeforeClass; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - /** * Test secure delete operations on the Router-based FS. */ @@ -31,7 +29,7 @@ public class TestRouterHDFSContractDeleteSecure @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractGetFileStatusSecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractGetFileStatusSecure.java index 13e4e9661f..5643cfaaaa 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractGetFileStatusSecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractGetFileStatusSecure.java @@ -21,9 +21,6 @@ import org.junit.AfterClass; import org.junit.BeforeClass; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - - /** * Test secure get file status operations on the Router-based FS. */ @@ -32,7 +29,7 @@ public class TestRouterHDFSContractGetFileStatusSecure @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractMkdirSecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractMkdirSecure.java index 7c223a6704..bb1564fd87 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractMkdirSecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractMkdirSecure.java @@ -22,9 +22,6 @@ import java.io.IOException; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - - /** * Test secure dir operations on the Router-based FS. */ @@ -33,7 +30,7 @@ public class TestRouterHDFSContractMkdirSecure @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractOpenSecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractOpenSecure.java index 434402c587..91749fd54c 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractOpenSecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractOpenSecure.java @@ -22,9 +22,6 @@ import java.io.IOException; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - - /** * Test secure open operations on the Router-based FS. */ @@ -32,7 +29,7 @@ public class TestRouterHDFSContractOpenSecure extends AbstractContractOpenTest { @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractRenameSecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractRenameSecure.java index 29d7398884..3de39fd83e 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractRenameSecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractRenameSecure.java @@ -22,9 +22,6 @@ import java.io.IOException; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - - /** * Test secure rename operations on the Router-based FS. */ @@ -33,7 +30,7 @@ public class TestRouterHDFSContractRenameSecure @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractRootDirectorySecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractRootDirectorySecure.java index faa08ba786..f7fb59c465 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractRootDirectorySecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractRootDirectorySecure.java @@ -22,9 +22,6 @@ import java.io.IOException; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - - /** * Test secure root dir operations on the Router-based FS. */ @@ -33,7 +30,7 @@ public class TestRouterHDFSContractRootDirectorySecure @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractSeekSecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractSeekSecure.java index f281b472c7..e318f0ec25 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractSeekSecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractSeekSecure.java @@ -22,9 +22,6 @@ import java.io.IOException; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - - /** * Test secure seek operations on the Router-based FS. */ @@ -32,7 +29,7 @@ public class TestRouterHDFSContractSeekSecure extends AbstractContractSeekTest { @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractSetTimesSecure.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractSetTimesSecure.java index 8f86b951a5..69123f6dc1 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractSetTimesSecure.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/fs/contract/router/TestRouterHDFSContractSetTimesSecure.java @@ -22,9 +22,6 @@ import java.io.IOException; -import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity; - - /** * Test secure set times operations on the Router-based FS. */ @@ -33,7 +30,7 @@ public class TestRouterHDFSContractSetTimesSecure @BeforeClass public static void createCluster() throws Exception { - RouterHDFSContract.createCluster(initSecurity()); + RouterHDFSContract.createCluster(true); } @AfterClass diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/hdfs/server/federation/security/TestRouterHttpDelegationToken.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/hdfs/server/federation/security/TestRouterHttpDelegationToken.java index b5f684916b..7a1859cb93 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/hdfs/server/federation/security/TestRouterHttpDelegationToken.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/hdfs/server/federation/security/TestRouterHttpDelegationToken.java @@ -144,6 +144,7 @@ public void cleanup() throws Exception { router.stop(); router.close(); } + SecurityConfUtil.destroy(); } @Test