From 7c379a05ba6243d9a4891f4797f30b02e3878366 Mon Sep 17 00:00:00 2001 From: Sammi Chen Date: Thu, 20 Oct 2022 15:45:44 +0800 Subject: [PATCH 1/4] new test --- .../ozoneimpl/TestOzoneContainerWithTLS.java | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java index c5a4a9339bc4..b55d284e4866 100644 --- a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java +++ b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java @@ -85,6 +85,7 @@ public class TestOzoneContainerWithTLS { private OzoneBlockTokenSecretManager secretManager; private CertificateClientTestImpl caClient; private boolean blockTokenEnabled; + private long certExpireTime; public TestOzoneContainerWithTLS(boolean blockTokenEnabled) { this.blockTokenEnabled = blockTokenEnabled; @@ -122,6 +123,9 @@ public void setup() throws Exception { HddsConfigKeys.HDDS_BLOCK_TOKEN_EXPIRY_TIME_DEFAULT, TimeUnit.MILLISECONDS); + // 5s + //long expiryTime = 5000; + caClient = new CertificateClientTestImpl(conf); secretManager = new OzoneBlockTokenSecretManager(new SecurityConfig(conf), expiryTime, caClient.getCertificate(). @@ -158,7 +162,12 @@ public void testCreateOzoneContainer() throws Exception { if (blockTokenEnabled) { secretManager.start(caClient); client.connect(); - createSecureContainerForTesting(client, containerID, null); + long containerNum = 1000; + for (int i = 0; i < containerNum; i++) { + createSecureContainerForTesting(client, containerID, null); + System.out.println("Container " + containerID + " is created"); + containerID = ContainerTestHelper.getTestContainerID(); + } } else { createContainerForTesting(client, containerID); client.connect(); From d2b12f88ecb8465866623663c8e7fa3a06b4b368 Mon Sep 17 00:00:00 2001 From: Sammi Chen Date: Wed, 26 Oct 2022 12:21:02 +0800 Subject: [PATCH 2/4] HDDS-1157. TestOzoneContainerWithTLS is failing with SSLHandshakeException. --- .../ozone/client/CertificateClientTestImpl.java | 11 +++++++++-- .../ozoneimpl/TestOzoneContainerWithTLS.java | 3 +-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/CertificateClientTestImpl.java b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/CertificateClientTestImpl.java index 58021f30ebf8..15b6a12336dc 100644 --- a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/CertificateClientTestImpl.java +++ b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/CertificateClientTestImpl.java @@ -53,6 +53,11 @@ public class CertificateClientTestImpl implements CertificateClient { private final X509Certificate x509Certificate; public CertificateClientTestImpl(OzoneConfiguration conf) throws Exception { + this(conf, true); + } + + public CertificateClientTestImpl(OzoneConfiguration conf, boolean rootCA) + throws Exception { securityConfig = new SecurityConfig(conf); HDDSKeyGenerator keyGen = new HDDSKeyGenerator(securityConfig.getConfiguration()); @@ -66,8 +71,10 @@ public CertificateClientTestImpl(OzoneConfiguration conf) throws Exception { .setKey(keyPair) .setSubject("localhost") .setConfiguration(config) - .setScmID("TestScmId1") - .makeCA(); + .setScmID("TestScmId1"); + if (rootCA) { + builder.makeCA(); + } X509CertificateHolder certificateHolder = null; certificateHolder = builder.build(); x509Certificate = new JcaX509CertificateConverter().getCertificate( diff --git a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java index b55d284e4866..8c0e6d228332 100644 --- a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java +++ b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java @@ -68,7 +68,6 @@ * Tests ozone containers via secure grpc/netty. */ @RunWith(Parameterized.class) -@Ignore("TODO:HDDS-1157") public class TestOzoneContainerWithTLS { private static final Logger LOG = LoggerFactory.getLogger( TestOzoneContainerWithTLS.class); @@ -126,7 +125,7 @@ public void setup() throws Exception { // 5s //long expiryTime = 5000; - caClient = new CertificateClientTestImpl(conf); + caClient = new CertificateClientTestImpl(conf, false); secretManager = new OzoneBlockTokenSecretManager(new SecurityConfig(conf), expiryTime, caClient.getCertificate(). getSerialNumber().toString()); From 5c296df69f9c05126a183a34d815f8947b651e3c Mon Sep 17 00:00:00 2001 From: Sammi Chen Date: Wed, 26 Oct 2022 12:31:04 +0800 Subject: [PATCH 3/4] remove unnecessary change --- .../ozoneimpl/TestOzoneContainerWithTLS.java | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java index 8c0e6d228332..218223d99239 100644 --- a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java +++ b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java @@ -84,7 +84,6 @@ public class TestOzoneContainerWithTLS { private OzoneBlockTokenSecretManager secretManager; private CertificateClientTestImpl caClient; private boolean blockTokenEnabled; - private long certExpireTime; public TestOzoneContainerWithTLS(boolean blockTokenEnabled) { this.blockTokenEnabled = blockTokenEnabled; @@ -122,9 +121,6 @@ public void setup() throws Exception { HddsConfigKeys.HDDS_BLOCK_TOKEN_EXPIRY_TIME_DEFAULT, TimeUnit.MILLISECONDS); - // 5s - //long expiryTime = 5000; - caClient = new CertificateClientTestImpl(conf, false); secretManager = new OzoneBlockTokenSecretManager(new SecurityConfig(conf), expiryTime, caClient.getCertificate(). @@ -161,12 +157,7 @@ public void testCreateOzoneContainer() throws Exception { if (blockTokenEnabled) { secretManager.start(caClient); client.connect(); - long containerNum = 1000; - for (int i = 0; i < containerNum; i++) { - createSecureContainerForTesting(client, containerID, null); - System.out.println("Container " + containerID + " is created"); - containerID = ContainerTestHelper.getTestContainerID(); - } + createSecureContainerForTesting(client, containerID, null); } else { createContainerForTesting(client, containerID); client.connect(); From cee321fa5da2b03efdc7881822f1094050dafc46 Mon Sep 17 00:00:00 2001 From: Sammi Chen Date: Wed, 26 Oct 2022 13:54:24 +0800 Subject: [PATCH 4/4] remove unused import --- .../ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java | 1 - 1 file changed, 1 deletion(-) diff --git a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java index 218223d99239..99c38152dba0 100644 --- a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java +++ b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/container/ozoneimpl/TestOzoneContainerWithTLS.java @@ -40,7 +40,6 @@ import org.apache.ozone.test.GenericTestUtils; import org.junit.Assert; import org.junit.Before; -import org.junit.Ignore; import org.junit.Rule; import org.junit.Test; import org.junit.rules.TemporaryFolder;