hadoop KMSConfiguration 源码

  • 2022-10-20

hadoop KMSConfiguration 代码

文件路径:/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSConfiguration.java

/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.hadoop.crypto.key.kms.server;

import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.log4j.PropertyConfigurator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.File;
import java.net.MalformedURLException;
import java.net.URL;

/**
 * Static helpers and property names used to load the KMS configuration.
 *
 * <p>Everything here is resolved relative to the directory named by the
 * {@value #KMS_CONFIG_DIR} system property. That directory holds the key
 * ACLs ({@value #KMS_ACLS_XML}) and the log4j configuration, so whoever can
 * write to it, or set the system property, decides who is authorized and
 * what gets logged. Keep it writable by the KMS administrator only.
 */
@InterfaceAudience.Private
public class KMSConfiguration {

  static final Logger LOG = LoggerFactory.getLogger(KMSConfiguration.class);

  // System property naming the directory that holds the KMS config files.
  public static final String KMS_CONFIG_DIR = "kms.config.dir";
  public static final String KMS_DEFAULT_XML = "kms-default.xml";
  public static final String KMS_SITE_XML = "kms-site.xml";
  public static final String KMS_ACLS_XML = "kms-acls.xml";

  // Common prefix of the KMS-specific property names built below.
  public static final String CONFIG_PREFIX = "hadoop.kms.";

  // Name prefixes (and the matching regex) of the per-key ACL entries.
  public static final String KEY_ACL_PREFIX = "key.acl.";
  public static final String KEY_ACL_PREFIX_REGEX = "^key\\.acl\\..+";
  public static final String DEFAULT_KEY_ACL_PREFIX = "default.key.acl.";
  public static final String WHITELIST_KEY_ACL_PREFIX = "whitelist.key.acl.";

  // HTTP listener settings.
  public static final String HTTP_PORT_KEY = "hadoop.kms.http.port";
  public static final int HTTP_PORT_DEFAULT = 9600;
  public static final String HTTP_HOST_KEY = "hadoop.kms.http.host";
  // The default is the IPv4 wildcard address. If the server binds to it
  // unchanged, the endpoint is reachable on every interface of the host;
  // narrow it with HTTP_HOST_KEY or network controls where that is too wide.
  public static final String HTTP_HOST_DEFAULT = "0.0.0.0";
  public static final String HTTP_ADMINS_KEY =
      "hadoop.kms.http.administrators";

  // TLS switch. The default is off, so transport encryption is opt-in.
  // NOTE(review): this service hands out key material; deployments should
  // set the flag explicitly. Where it is consumed is not shown in this file.
  public static final String SSL_ENABLED_KEY = "hadoop.kms.ssl.enabled";
  public static final boolean SSL_ENABLED_DEFAULT = false;

  // URI of the backing KeyProvider.
  public static final String KEY_PROVIDER_URI = CONFIG_PREFIX +
      "key.provider.uri";

  // Key cache on/off switch and its default.
  public static final String KEY_CACHE_ENABLE = CONFIG_PREFIX +
      "cache.enable";
  public static final boolean KEY_CACHE_ENABLE_DEFAULT = true;

  // Timeout of the key and metadata cache; the default is 10 minutes.
  public static final String KEY_CACHE_TIMEOUT_KEY = CONFIG_PREFIX +
      "cache.timeout.ms";
  public static final long KEY_CACHE_TIMEOUT_DEFAULT = 10 * 60 * 1000;

  // Timeout of the current-key cache; the default is 30 seconds.
  public static final String CURR_KEY_CACHE_TIMEOUT_KEY = CONFIG_PREFIX +
      "current.key.cache.timeout.ms";
  public static final long CURR_KEY_CACHE_TIMEOUT_DEFAULT = 30 * 1000;

  // Window over which audit log entries are aggregated; default 10 seconds.
  public static final String KMS_AUDIT_AGGREGATION_WINDOW = CONFIG_PREFIX +
      "audit.aggregation.window.ms";
  public static final long KMS_AUDIT_AGGREGATION_WINDOW_DEFAULT = 10 * 1000;

  // Process name reported in metrics.
  public static final String METRICS_PROCESS_NAME_KEY =
      CONFIG_PREFIX + "metrics.process.name";
  public static final String METRICS_PROCESS_NAME_DEFAULT = "KMS";

  // Session id reported in metrics.
  public static final String METRICS_SESSION_ID_KEY =
      CONFIG_PREFIX + "metrics.session.id";

  // Audit logger implementation classes to use.
  public static final String KMS_AUDIT_LOGGER_KEY = CONFIG_PREFIX +
      "audit.logger";

  // Per-key authorization switch. It is on by default; turning it off
  // removes the per-key check this flag guards, so treat a change as
  // security-relevant.
  public static final String KEY_AUTHORIZATION_ENABLE = CONFIG_PREFIX +
      "key.authorization.enable";
  public static final boolean KEY_AUTHORIZATION_ENABLE_DEFAULT = true;

  private static final String LOG4J_PROPERTIES = "kms-log4j.properties";

  static {
    // Register the KMS default and site files as default resources.
    Configuration.addDefaultResource(KMS_DEFAULT_XML);
    Configuration.addDefaultResource(KMS_SITE_XML);
  }

  /**
   * Rejects a configuration directory that is not an absolute path.
   *
   * @param confDir value of the {@value #KMS_CONFIG_DIR} system property
   * @throws RuntimeException if {@code confDir} is not absolute
   */
  private static void requireAbsoluteConfigDir(String confDir) {
    // A relative directory would be resolved against the process working
    // directory, which is not a stable location for ACL and logging files.
    if (new Path(confDir).isUriPathAbsolute()) {
      return;
    }
    throw new RuntimeException("System property '" + KMS_CONFIG_DIR +
        "' must be an absolute path: " + confDir);
  }

  /**
   * Builds a {@link Configuration} and adds the named resources to it.
   *
   * <p>When {@value #KMS_CONFIG_DIR} is set, each resource is added as a
   * {@code file://} URL under that directory. Otherwise the names are passed
   * to {@link Configuration#addResource(String)} unchanged.
   *
   * @param loadHadoopDefaults forwarded to the {@link Configuration}
   *     constructor
   * @param resources resource file names to add, in order
   * @return the populated configuration
   * @throws RuntimeException if the directory is not absolute or a resource
   *     URL cannot be formed
   */
  static Configuration getConfiguration(boolean loadHadoopDefaults,
      String ... resources) {
    Configuration conf = new Configuration(loadHadoopDefaults);
    String confDir = System.getProperty(KMS_CONFIG_DIR);
    if (confDir == null) {
      for (String name : resources) {
        conf.addResource(name);
      }
      return conf;
    }
    requireAbsoluteConfigDir(confDir);
    for (String name : resources) {
      try {
        conf.addResource(
            new URL("file://" + new Path(confDir, name).toUri()));
      } catch (MalformedURLException ex) {
        throw new RuntimeException(ex);
      }
    }
    return conf;
  }

  /**
   * Loads the main KMS configuration.
   *
   * @return a configuration with {@code core-site.xml} and
   *     {@value #KMS_SITE_XML} added
   */
  public static Configuration getKMSConf() {
    Configuration kmsConf =
        getConfiguration(true, "core-site.xml", KMS_SITE_XML);
    return kmsConf;
  }

  /**
   * Loads the KMS ACL configuration.
   *
   * <p>Passes {@code loadHadoopDefaults=false} and adds only
   * {@value #KMS_ACLS_XML}.
   *
   * @return a configuration with the ACL file added
   */
  public static Configuration getACLsConf() {
    Configuration aclsConf = getConfiguration(false, KMS_ACLS_XML);
    return aclsConf;
  }

  /**
   * Reports whether the ACL file changed after the given time.
   *
   * <p>Only the modification time is compared; the file content is not
   * read. {@link File#lastModified()} returns 0 for a missing or unreadable
   * file, so such a file is not reported as newer for any non-negative
   * {@code time}.
   *
   * @param time last reload time in milliseconds
   * @return {@code true} if the file is more than 100 ms newer than
   *     {@code time}; {@code false} if {@value #KMS_CONFIG_DIR} is unset
   * @throws RuntimeException if the configuration directory is not absolute
   */
  public static boolean isACLsFileNewer(long time) {
    String confDir = System.getProperty(KMS_CONFIG_DIR);
    if (confDir == null) {
      return false;
    }
    requireAbsoluteConfigDir(confDir);
    File aclFile = new File(confDir, KMS_ACLS_XML);
    LOG.trace("Checking file {}, modification time is {}, "
        + "last reload time is {}",
        aclFile.getPath(), aclFile.lastModified(), time);
    // The 100 ms margin gives the writer time to close and flush the file.
    return aclFile.lastModified() - time > 100;
  }

  /**
   * Configures log4j for the KMS, unless {@code log4j.configuration} is
   * already set as a system property.
   *
   * <p>A {@code kms-log4j.properties} file in the configuration directory is
   * preferred and is watched for changes, so edits take effect at runtime.
   * Anyone able to write that file can therefore change logging while the
   * service runs. If the file is absent, a classpath resource of the same
   * name is used when one exists.
   *
   * @throws RuntimeException if {@value #KMS_CONFIG_DIR} is not defined
   */
  public static void initLogging() {
    String confDir = System.getProperty(KMS_CONFIG_DIR);
    if (confDir == null) {
      throw new RuntimeException("System property '" +
          KMSConfiguration.KMS_CONFIG_DIR + "' not defined");
    }
    if (System.getProperty("log4j.configuration") != null) {
      // An explicit log4j configuration was supplied; leave it alone.
      return;
    }
    System.setProperty("log4j.defaultInitOverride", "true");
    File log4jConf = new File(confDir, LOG4J_PROPERTIES).getAbsoluteFile();
    boolean foundInConfigDir = log4jConf.exists();
    if (foundInConfigDir) {
      // The second argument is the re-check delay in milliseconds.
      PropertyConfigurator.configureAndWatch(log4jConf.getPath(), 1000);
    } else {
      URL log4jUrl = Thread.currentThread().getContextClassLoader()
          .getResource(LOG4J_PROPERTIES);
      if (log4jUrl != null) {
        PropertyConfigurator.configure(log4jUrl);
      }
    }
    LOG.debug("KMS log starting");
    if (!foundInConfigDir) {
      // NOTE(review): these warnings are logged whenever the file is missing
      // from the config dir, even if a classpath copy was applied above.
      LOG.warn("Log4j configuration file '{}' not found", LOG4J_PROPERTIES);
      LOG.warn("Logging with INFO level to standard output");
    }
  }
}
