ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rle...@apache.org
Subject ambari git commit: AMBARI-14554. Add more logging to KdcServerConnectionVerification to help with odd connection issues (rlevas)
Date Wed, 06 Jan 2016 18:01:11 GMT
Repository: ambari
Updated Branches:
  refs/heads/trunk 15a33a592 -> 7ef244158


AMBARI-14554. Add more logging to KdcServerConnectionVerification to help with odd connection
issues (rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/7ef24415
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/7ef24415
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/7ef24415

Branch: refs/heads/trunk
Commit: 7ef244158b3bf896c717c1c9697b1ff29937c1d6
Parents: 15a33a5
Author: Robert Levas <rlevas@hortonworks.com>
Authored: Wed Jan 6 13:01:00 2016 -0500
Committer: Robert Levas <rlevas@hortonworks.com>
Committed: Wed Jan 6 13:01:00 2016 -0500

----------------------------------------------------------------------
 .../server/KdcServerConnectionVerification.java | 63 ++++++++++++++++++--
 .../KdcServerConnectionVerificationTest.java    | 59 +++++++++++++-----
 2 files changed, 102 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/7ef24415/ambari-server/src/main/java/org/apache/ambari/server/KdcServerConnectionVerification.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/KdcServerConnectionVerification.java
b/ambari-server/src/main/java/org/apache/ambari/server/KdcServerConnectionVerification.java
index aa23e44..99e714d 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/KdcServerConnectionVerification.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/KdcServerConnectionVerification.java
@@ -28,8 +28,10 @@ import org.apache.ambari.server.configuration.Configuration;
 import org.apache.commons.lang.StringUtils;
 import org.apache.directory.kerberos.client.KdcConfig;
 import org.apache.directory.kerberos.client.KdcConnection;
+import org.apache.directory.shared.kerberos.KerberosMessageType;
 import org.apache.directory.shared.kerberos.exceptions.ErrorType;
 import org.apache.directory.shared.kerberos.exceptions.KerberosException;
+import org.apache.directory.shared.kerberos.messages.KrbError;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -135,22 +137,75 @@ public class KdcServerConnectionVerification {
     FutureTask<Boolean> future = new FutureTask<Boolean>(new Callable<Boolean>()
{
       @Override
       public Boolean call() {
+        Boolean success;
+
         try {
           KdcConnection connection = getKdcConnection(config);
           // we are only testing whether we can communicate with server and not
           // validating credentials
           connection.getTgt("noUser@noRealm", "noPassword");
+
+          LOG.info(String.format("Encountered no Exceptions while testing connectivity to
the KDC:\n" +
+                  "**** Host: %s:%d (%s)",
+              server, port, connectionProtocol.name()));
+          success = true;
         } catch (KerberosException e) {
+          KrbError error = e.getError();
+          ErrorType errorCode = error.getErrorCode();
+
+          String errorCodeMessage;
+          int errorCodeCode;
+          if(errorCode != null) {
+            errorCodeMessage = errorCode.getMessage();
+            errorCodeCode = errorCode.getValue();
+          }
+          else {
+            errorCodeMessage = "<Not Specified>";
+            errorCodeCode = -1;
+          }
+
           // unfortunately, need to look at msg as error 60 is a generic error code
-          return !(e.getErrorCode() == ErrorType.KRB_ERR_GENERIC.getValue() &&
-              e.getMessage().contains("TimeOut"));
           //todo: evaluate other error codes to provide better information
           //todo: as there may be other error codes where we should return false
-        } catch (Exception e) {
+          success  = !(errorCodeCode == ErrorType.KRB_ERR_GENERIC.getValue() &&
+              errorCodeMessage.contains("TimeOut"));
+
+          if(!success || LOG.isDebugEnabled()) {
+            KerberosMessageType messageType = error.getMessageType();
+
+            String messageTypeMessage;
+            int messageTypeCode;
+            if (messageType != null) {
+              messageTypeMessage = messageType.getMessage();
+              messageTypeCode = messageType.getValue();
+            } else {
+              messageTypeMessage = "<Not Specified>";
+              messageTypeCode = -1;
+            }
+
+            String message = String.format("Received KerberosException while testing connectivity
to the KDC: %s\n" +
+                    "**** Host:    %s:%d (%s)\n" +
+                    "**** Error:   %s\n" +
+                    "**** Code:    %d (%s)\n" +
+                    "**** Message: %d (%s)",
+                e.getLocalizedMessage(), server, port, connectionProtocol.name(), error.getEText(),
errorCodeCode,
+                errorCodeMessage, messageTypeCode, messageTypeMessage);
+
+            if (LOG.isDebugEnabled()) {
+              LOG.info(message, e);
+            } else {
+              LOG.info(message);
+            }
+          }
+        } catch (Throwable e) {
+          LOG.info(String.format("Received Exception while testing connectivity to the KDC:
%s\n**** Host: %s:%d (%s)",
+              e.getLocalizedMessage(), server, port, connectionProtocol.name()), e);
+
           // some bad unexpected thing occurred
           throw new RuntimeException(e);
         }
-        return true;
+
+        return success;
       }
     });
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/7ef24415/ambari-server/src/test/java/org/apache/ambari/server/api/rest/KdcServerConnectionVerificationTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/api/rest/KdcServerConnectionVerificationTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/api/rest/KdcServerConnectionVerificationTest.java
index 948b6db..6624506 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/api/rest/KdcServerConnectionVerificationTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/api/rest/KdcServerConnectionVerificationTest.java
@@ -19,6 +19,7 @@ package org.apache.ambari.server.api.rest;
 
 import static org.apache.ambari.server.KdcServerConnectionVerification.ConnectionProtocol.TCP;
 import static org.apache.ambari.server.KdcServerConnectionVerification.ConnectionProtocol.UDP;
+import static org.easymock.EasyMock.createNiceMock;
 import static org.easymock.EasyMock.createStrictMock;
 import static org.easymock.EasyMock.expect;
 import static org.easymock.EasyMock.replay;
@@ -34,8 +35,10 @@ import org.apache.ambari.server.configuration.Configuration;
 import org.apache.directory.kerberos.client.KdcConfig;
 import org.apache.directory.kerberos.client.KdcConnection;
 import org.apache.directory.kerberos.client.TgTicket;
+import org.apache.directory.shared.kerberos.KerberosMessageType;
 import org.apache.directory.shared.kerberos.exceptions.ErrorType;
 import org.apache.directory.shared.kerberos.exceptions.KerberosException;
+import org.apache.directory.shared.kerberos.messages.KrbError;
 import org.junit.Before;
 import org.junit.Ignore;
 import org.junit.Test;
@@ -107,11 +110,17 @@ public class KdcServerConnectionVerificationTest  {
 
   @Test
   public void testValidateTCP__Successful2() throws Exception {
+    KrbError error = createNiceMock(KrbError.class);
+    expect(error.getErrorCode()).andReturn(ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN).once();
+    expect(error.getMessageType()).andReturn(KerberosMessageType.KRB_ERROR).once();
+
+    KerberosException exception = createNiceMock(KerberosException.class);
+    expect(exception.getError()).andReturn(error).once();
+
     KdcConnection connection = createStrictMock(KdcConnection.class);
+    expect(connection.getTgt("noUser@noRealm", "noPassword")).andThrow(exception);
 
-    expect(connection.getTgt("noUser@noRealm", "noPassword")).andThrow(
-        new KerberosException(ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN));
-    replay(connection);
+    replay(connection, exception, error);
 
     TestKdcServerConnectionVerification kdcConnVerifier =
         new TestKdcServerConnectionVerification(configuration, connection);
@@ -125,7 +134,7 @@ public class KdcServerConnectionVerificationTest  {
     assertEquals(11111, kdcConfig.getKdcPort());
     assertEquals(10 * 1000, kdcConfig.getTimeout());
 
-    verify(connection);
+    verify(connection, exception, error);
   }
 
   @Test
@@ -196,11 +205,17 @@ public class KdcServerConnectionVerificationTest  {
 
   @Test
   public void testValidateTCP__Fail_GeneralErrorCode_NotTimeout() throws Exception {
+    KrbError error = createNiceMock(KrbError.class);
+    expect(error.getErrorCode()).andReturn(ErrorType.KRB_ERR_GENERIC).once();
+    expect(error.getMessageType()).andReturn(KerberosMessageType.KRB_ERROR).once();
+
+    KerberosException exception = createNiceMock(KerberosException.class);
+    expect(exception.getError()).andReturn(error).once();
+
     KdcConnection connection = createStrictMock(KdcConnection.class);
+    expect(connection.getTgt("noUser@noRealm", "noPassword")).andThrow(exception);
 
-    expect(connection.getTgt("noUser@noRealm", "noPassword")).andThrow(
-        new KerberosException(ErrorType.KRB_ERR_GENERIC, "foo"));
-    replay(connection);
+    replay(connection, exception, error);
 
     TestKdcServerConnectionVerification kdcConnVerifier =
         new TestKdcServerConnectionVerification(configuration, connection);
@@ -214,7 +229,7 @@ public class KdcServerConnectionVerificationTest  {
     assertEquals(11111, kdcConfig.getKdcPort());
     assertEquals(10 * 1000, kdcConfig.getTimeout());
 
-    verify(connection);
+    verify(connection, exception, error);
   }
 
   @Test
@@ -241,11 +256,17 @@ public class KdcServerConnectionVerificationTest  {
 
   @Test
   public void testValidateUDP__Successful2() throws Exception {
+    KrbError error = createNiceMock(KrbError.class);
+    expect(error.getErrorCode()).andReturn(ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN).once();
+    expect(error.getMessageType()).andReturn(KerberosMessageType.KRB_ERROR).once();
+
+    KerberosException exception = createNiceMock(KerberosException.class);
+    expect(exception.getError()).andReturn(error).once();
+
     KdcConnection connection = createStrictMock(KdcConnection.class);
+    expect(connection.getTgt("noUser@noRealm", "noPassword")).andThrow(exception);
 
-    expect(connection.getTgt("noUser@noRealm", "noPassword")).andThrow(
-        new KerberosException(ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN));
-    replay(connection);
+    replay(connection, exception, error);
 
     TestKdcServerConnectionVerification kdcConnVerifier =
         new TestKdcServerConnectionVerification(configuration, connection);
@@ -259,7 +280,7 @@ public class KdcServerConnectionVerificationTest  {
     assertEquals(11111, kdcConfig.getKdcPort());
     assertEquals(10 * 1000, kdcConfig.getTimeout());
 
-    verify(connection);
+    verify(connection, exception, error);
   }
 
   @Test
@@ -330,11 +351,17 @@ public class KdcServerConnectionVerificationTest  {
 
   @Test
   public void testValidateUDP__Fail_GeneralErrorCode_NotTimeout() throws Exception {
+    KrbError error = createNiceMock(KrbError.class);
+    expect(error.getErrorCode()).andReturn(ErrorType.KRB_ERR_GENERIC).once();
+    expect(error.getMessageType()).andReturn(KerberosMessageType.KRB_ERROR).once();
+
+    KerberosException exception = createNiceMock(KerberosException.class);
+    expect(exception.getError()).andReturn(error).once();
+
     KdcConnection connection = createStrictMock(KdcConnection.class);
+    expect(connection.getTgt("noUser@noRealm", "noPassword")).andThrow(exception);
 
-    expect(connection.getTgt("noUser@noRealm", "noPassword")).andThrow(
-        new KerberosException(ErrorType.KRB_ERR_GENERIC, "foo"));
-    replay(connection);
+    replay(connection, exception, error);
 
     TestKdcServerConnectionVerification kdcConnVerifier =
         new TestKdcServerConnectionVerification(configuration, connection);
@@ -348,7 +375,7 @@ public class KdcServerConnectionVerificationTest  {
     assertEquals(11111, kdcConfig.getKdcPort());
     assertEquals(10 * 1000, kdcConfig.getTimeout());
 
-    verify(connection);
+    verify(connection, exception, error);
   }
 
   @Test


Mime
View raw message