HADOOP-6583. Captures authentication and authorization metrics. Contributed by Devaraj Das.

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@915095 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Devaraj Das 2010-02-22 22:26:03 +00:00
parent 115ef5b8c7
commit ffdde40b9f
4 changed files with 51 additions and 2 deletions

View File

@ -156,6 +156,8 @@ Trunk (unreleased changes)
meaningful exceptions when there are failures instead of returning
false. (omalley)
HADOOP-6583. Captures authentication and authorization metrics. (ddas)
OPTIMIZATIONS
BUG FIXES

View File

@ -220,6 +220,11 @@ public static void bind(ServerSocket socket, InetSocketAddress address,
}
}
}
/*Returns a handle to the rpcMetrics (required in tests)*/
public RpcMetrics getRpcMetrics() {
return rpcMetrics;
}
/** A call queued for handling. */
private static class Call {
@ -877,7 +882,13 @@ public Object run() throws IOException {
if (LOG.isDebugEnabled())
LOG.debug("Have read input token of size " + saslToken.length
+ " for processing by saslServer.evaluateResponse()");
byte[] replyToken = saslServer.evaluateResponse(saslToken);
byte[] replyToken;
try {
replyToken = saslServer.evaluateResponse(saslToken);
} catch (SaslException se) {
rpcMetrics.authenticationFailures.inc();
throw se;
}
if (replyToken != null) {
if (LOG.isDebugEnabled())
LOG.debug("Will send token of size " + replyToken.length
@ -1078,6 +1089,7 @@ private void processUnwrappedData(byte[] inBuf) throws IOException,
private void processOneRpc(byte[] buf) throws IOException,
InterruptedException {
rpcMetrics.authenticationSuccesses.inc();
if (headerRead) {
processData(buf);
} else {
@ -1121,7 +1133,9 @@ private boolean authorizeConnection() throws IOException {
if (LOG.isDebugEnabled()) {
LOG.debug("Successfully authorized " + header);
}
rpcMetrics.authorizationSuccesses.inc();
} catch (AuthorizationException ae) {
rpcMetrics.authorizationFailures.inc();
authFailedCall.connection = this;
setupResponse(authFailedResponse, authFailedCall, Status.FATAL, null,
ae.getClass().getName(), ae.getMessage());

View File

@ -27,6 +27,7 @@
import org.apache.hadoop.metrics.util.MetricsBase;
import org.apache.hadoop.metrics.util.MetricsIntValue;
import org.apache.hadoop.metrics.util.MetricsRegistry;
import org.apache.hadoop.metrics.util.MetricsTimeVaryingInt;
import org.apache.hadoop.metrics.util.MetricsTimeVaryingRate;
/**
@ -79,7 +80,14 @@ public RpcMetrics(String hostName, String port, Server server) {
new MetricsIntValue("NumOpenConnections", registry);
public MetricsIntValue callQueueLen =
new MetricsIntValue("callQueueLen", registry);
public MetricsTimeVaryingInt authenticationFailures =
new MetricsTimeVaryingInt("rpcAuthenticationFailures", registry);
public MetricsTimeVaryingInt authenticationSuccesses =
new MetricsTimeVaryingInt("rpcAuthenticationSuccesses", registry);
public MetricsTimeVaryingInt authorizationFailures =
new MetricsTimeVaryingInt("rpcAuthorizationFailures", registry);
public MetricsTimeVaryingInt authorizationSuccesses =
new MetricsTimeVaryingInt("rpcAuthorizationSuccesses", registry);
/**
* Push the metrics to the monitoring subsystem on doUpdate() call.
*/

View File

@ -368,6 +368,31 @@ private void doRPCs(Configuration conf, boolean expectFailure) throws Exception
if (proxy != null) {
RPC.stopProxy(proxy);
}
if (expectFailure) {
assertTrue("Expected 1 but got " +
server.getRpcMetrics().authorizationFailures
.getCurrentIntervalValue(),
server.getRpcMetrics().authorizationFailures
.getCurrentIntervalValue() == 1);
} else {
assertTrue("Expected 1 but got " +
server.getRpcMetrics().authorizationSuccesses
.getCurrentIntervalValue(),
server.getRpcMetrics().authorizationSuccesses
.getCurrentIntervalValue() == 1);
}
//since we don't have authentication turned ON, we should see
// >0 for the authentication successes and 0 for failure
assertTrue("Expected 0 but got " +
server.getRpcMetrics().authenticationFailures
.getCurrentIntervalValue(),
server.getRpcMetrics().authenticationFailures
.getCurrentIntervalValue() == 0);
assertTrue("Expected greater than 0 but got " +
server.getRpcMetrics().authenticationSuccesses
.getCurrentIntervalValue(),
server.getRpcMetrics().authenticationSuccesses
.getCurrentIntervalValue() > 0);
}
}