From bc488c23420215db847fd8dde5a1006e319521de Mon Sep 17 00:00:00 2001 From: Priyank Date: Thu, 31 Mar 2016 12:46:25 -0700 Subject: [PATCH 1/2] STORM-1535: Make sure hdfs key tab login happens only once for multiple bolts/executors. --- .../common/security/HdfsSecurityUtil.java | 25 +++++++++++-------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/external/storm-hdfs/src/main/java/org/apache/storm/hdfs/common/security/HdfsSecurityUtil.java b/external/storm-hdfs/src/main/java/org/apache/storm/hdfs/common/security/HdfsSecurityUtil.java index 993214ae5c5..d2f62735eda 100644 --- a/external/storm-hdfs/src/main/java/org/apache/storm/hdfs/common/security/HdfsSecurityUtil.java +++ b/external/storm-hdfs/src/main/java/org/apache/storm/hdfs/common/security/HdfsSecurityUtil.java @@ -28,6 +28,7 @@ import java.io.IOException; import java.util.List; import java.util.Map; +import java.util.concurrent.atomic.AtomicBoolean; import static org.apache.storm.Config.TOPOLOGY_AUTO_CREDENTIALS; @@ -40,23 +41,27 @@ public class HdfsSecurityUtil { public static final String STORM_USER_NAME_KEY = "hdfs.kerberos.principal"; private static final Logger LOG = LoggerFactory.getLogger(HdfsSecurityUtil.class); - + private static AtomicBoolean isLoggedIn = new AtomicBoolean(); public static void login(Map conf, Configuration hdfsConfig) throws IOException { //If AutoHDFS is specified, do not attempt to login using keytabs, only kept for backward compatibility. if(conf.get(TOPOLOGY_AUTO_CREDENTIALS) == null || (!(((List)conf.get(TOPOLOGY_AUTO_CREDENTIALS)).contains(AutoHDFS.class.getName())) && !(((List)conf.get(TOPOLOGY_AUTO_CREDENTIALS)).contains(AutoTGT.class.getName())))) { if (UserGroupInformation.isSecurityEnabled()) { - LOG.info("Logging in using keytab as AutoHDFS is not specified for " + TOPOLOGY_AUTO_CREDENTIALS); - String keytab = (String) conf.get(STORM_KEYTAB_FILE_KEY); - if (keytab != null) { - hdfsConfig.set(STORM_KEYTAB_FILE_KEY, keytab); - } - String userName = (String) conf.get(STORM_USER_NAME_KEY); - if (userName != null) { - hdfsConfig.set(STORM_USER_NAME_KEY, userName); + // compareAndSet added because of https://issues.apache.org/jira/browse/STORM-1535 + // need to test it first during ERIE release testing since the JIRA says "might" be and port it to apache. + if (isLoggedIn.compareAndSet(false, true)) { + LOG.info("Logging in using keytab as AutoHDFS is not specified for " + TOPOLOGY_AUTO_CREDENTIALS); + String keytab = (String) conf.get(STORM_KEYTAB_FILE_KEY); + if (keytab != null) { + hdfsConfig.set(STORM_KEYTAB_FILE_KEY, keytab); + } + String userName = (String) conf.get(STORM_USER_NAME_KEY); + if (userName != null) { + hdfsConfig.set(STORM_USER_NAME_KEY, userName); + } + SecurityUtil.login(hdfsConfig, STORM_KEYTAB_FILE_KEY, STORM_USER_NAME_KEY); } - SecurityUtil.login(hdfsConfig, STORM_KEYTAB_FILE_KEY, STORM_USER_NAME_KEY); } } } From 87b0f3c895f54b87e0265f7f28984e0e3f310b58 Mon Sep 17 00:00:00 2001 From: Priyank Date: Thu, 21 Apr 2016 10:10:26 -0700 Subject: [PATCH 2/2] STORM-1535: Removing the unnecessary comment. --- .../org/apache/storm/hdfs/common/security/HdfsSecurityUtil.java | 1 - 1 file changed, 1 deletion(-) diff --git a/external/storm-hdfs/src/main/java/org/apache/storm/hdfs/common/security/HdfsSecurityUtil.java b/external/storm-hdfs/src/main/java/org/apache/storm/hdfs/common/security/HdfsSecurityUtil.java index d2f62735eda..f380b38acef 100644 --- a/external/storm-hdfs/src/main/java/org/apache/storm/hdfs/common/security/HdfsSecurityUtil.java +++ b/external/storm-hdfs/src/main/java/org/apache/storm/hdfs/common/security/HdfsSecurityUtil.java @@ -49,7 +49,6 @@ public static void login(Map conf, Configuration hdfsConfig) throws IOException !(((List)conf.get(TOPOLOGY_AUTO_CREDENTIALS)).contains(AutoTGT.class.getName())))) { if (UserGroupInformation.isSecurityEnabled()) { // compareAndSet added because of https://issues.apache.org/jira/browse/STORM-1535 - // need to test it first during ERIE release testing since the JIRA says "might" be and port it to apache. if (isLoggedIn.compareAndSet(false, true)) { LOG.info("Logging in using keytab as AutoHDFS is not specified for " + TOPOLOGY_AUTO_CREDENTIALS); String keytab = (String) conf.get(STORM_KEYTAB_FILE_KEY);