HDDS-4330. Bootstrap new OM node

hadoop-hdds/common/src/main/resources/ozone-default.xml

@@ -2228,6 +2228,15 @@
       client ozone manager protocol.
     </description>
   </property>
+  <property>
+    <name>ozone.om.security.admin.protocol.acl</name>
+    <value>*</value>
+    <tag>SECURITY</tag>
+    <description>
+      Comma separated list of users and groups allowed to access ozone
+      manager admin protocol.
+    </description>
+  </property>
 
   <property>
     <name>hdds.datanode.http.auth.kerberos.principal</name>

hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/NodeDetails.java

@@ -28,20 +28,41 @@
 public abstract class NodeDetails {
   private String serviceId;
   private String nodeId;
-  private InetSocketAddress rpcAddress;
+  private String hostAddress;
+  private int rpcPort;
   private int ratisPort;
   private String httpAddress;
   private String httpsAddress;
 
+  private InetSocketAddress rpcAddress;
+
   /**
    * Constructs NodeDetails object.
    */
   public NodeDetails(String serviceId, String nodeId,
-                        InetSocketAddress rpcAddr, int ratisPort,
-                        String httpAddress, String httpsAddress) {
+      InetSocketAddress rpcAddress, int ratisPort,
+      String httpAddress, String httpsAddress) {
     this.serviceId = serviceId;
     this.nodeId = nodeId;
-    this.rpcAddress = rpcAddr;
+    this.rpcAddress = rpcAddress;
+    if (rpcAddress != null) {
+      this.hostAddress = rpcAddress.getHostName();
+      this.rpcPort = rpcAddress.getPort();
+    }
+    this.ratisPort = ratisPort;
+    this.httpAddress = httpAddress;
+    this.httpsAddress = httpsAddress;
+  }
+
+  /**
+   * Constructs NodeDetails object.
+   */
+  public NodeDetails(String serviceId, String nodeId, String hostAddr,
+      int rpcPort, int ratisPort, String httpAddress, String httpsAddress) {
+    this.serviceId = serviceId;
+    this.nodeId = nodeId;
+    this.hostAddress = hostAddr;
+    this.rpcPort = rpcPort;
     this.ratisPort = ratisPort;
     this.httpAddress = httpAddress;
     this.httpsAddress = httpsAddress;
@@ -56,19 +77,26 @@ public String getNodeId() {
   }
 
   public InetSocketAddress getRpcAddress() {
+    if (rpcAddress == null) {
+      rpcAddress = NetUtils.createSocketAddr(hostAddress, rpcPort);
+    }
     return rpcAddress;
   }
 
   public boolean isHostUnresolved() {
-    return rpcAddress.isUnresolved();
+    return getRpcAddress().isUnresolved();
   }
 
   public InetAddress getInetAddress() {
-    return rpcAddress.getAddress();
+    return getRpcAddress().getAddress();
   }
 
   public String getHostName() {
-    return rpcAddress.getHostName();
+    return getRpcAddress().getHostName();
+  }
+
+  public String getHostAddress() {
+    return hostAddress;
   }
 
   public String getRatisHostPortStr() {
@@ -93,7 +121,7 @@ public int getRatisPort() {
   }
 
   public String getRpcAddressString() {
-    return NetUtils.getHostPortString(rpcAddress);
+    return NetUtils.getHostPortString(getRpcAddress());
   }
 
   public String getHttpAddress() {

hadoop-ozone/common/pom.xml

@@ -72,6 +72,10 @@ https://maven.apache.org/xsd/maven-4.0.0.xsd">
       <artifactId>spotbugs-annotations</artifactId>
       <scope>provided</scope>
     </dependency>
+    <dependency>
+      <groupId>org.apache.ozone</groupId>
+      <artifactId>hdds-server-framework</artifactId>
+    </dependency>
   </dependencies>
 
   <build>

hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/OMConfigKeys.java

@@ -221,6 +221,13 @@ private OMConfigKeys() {
   public static final String OZONE_OM_SECURITY_CLIENT_PROTOCOL_ACL =
       "ozone.om.security.client.protocol.acl";
 
+  // Comma separated acls (users, groups) allowing clients accessing
+  // OM admin protocol.
+  // When hadoop.security.authorization is true, this needs to be set in
+  // hadoop-policy.xml, "*" allows all users/groups to access.
+  public static final String OZONE_OM_SECURITY_ADMIN_PROTOCOL_ACL =
+      "ozone.om.security.admin.protocol.acl";
+
   public static final String OZONE_OM_KEYNAME_CHARACTER_CHECK_ENABLED_KEY =
           "ozone.om.keyname.character.check.enabled";
   public static final boolean OZONE_OM_KEYNAME_CHARACTER_CHECK_ENABLED_DEFAULT =

hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/ha/OMFailoverProxyProvider.java

@@ -54,7 +54,6 @@
 import org.apache.hadoop.ozone.om.exceptions.OMLeaderNotReadyException;
 import org.apache.hadoop.ozone.om.exceptions.OMNotLeaderException;
 import org.apache.hadoop.ozone.om.protocolPB.OzoneManagerProtocolClientSideTranslatorPB;
-import org.apache.hadoop.ozone.om.protocolPB.OzoneManagerProtocolPB;
 import org.apache.hadoop.security.UserGroupInformation;
 
 import org.apache.ratis.protocol.exceptions.StateMachineException;
@@ -68,26 +67,28 @@
  * multiple OMs to connect to. In case of OM failover, client can try
  * connecting to another OM node from the list of proxies.
  */
-public class OMFailoverProxyProvider implements
-    FailoverProxyProvider<OzoneManagerProtocolPB>, Closeable {
+public class OMFailoverProxyProvider<T> implements
+    FailoverProxyProvider<T>, Closeable {
 
   public static final Logger LOG =
       LoggerFactory.getLogger(OMFailoverProxyProvider.class);
 
+  private final String omServiceId;
+  private final ConfigurationSource conf;
+  private final Class<T> protocolClass;
+  private final long omVersion;
+  private final UserGroupInformation ugi;
+  private final Text delegationTokenService;
+
   // Map of OMNodeID to its proxy
-  private Map<String, ProxyInfo<OzoneManagerProtocolPB>> omProxies;
+  private Map<String, ProxyInfo<T>> omProxies;
   private Map<String, OMProxyInfo> omProxyInfos;
   private List<String> omNodeIDList;
 
   private String currentProxyOMNodeId;
   private int currentProxyIndex;
 
-  private final ConfigurationSource conf;
-  private final long omVersion;
-  private final UserGroupInformation ugi;
-  private final Text delegationTokenService;
-
-  private final String omServiceId;
+  private List<String> retryExceptions = new ArrayList<>();
 
   // OMFailoverProxyProvider, on encountering certain exception, tries each OM
   // once in a round robin fashion. After that it waits for configured time
@@ -101,11 +102,13 @@ public class OMFailoverProxyProvider implements
   private Set<String> accessControlExceptionOMs = new HashSet<>();
 
   public OMFailoverProxyProvider(ConfigurationSource configuration,
-      UserGroupInformation ugi, String omServiceId) throws IOException {
+      UserGroupInformation ugi, String omServiceId, Class<T> protocol)
+      throws IOException {
     this.conf = configuration;
-    this.omVersion = RPC.getProtocolVersion(OzoneManagerProtocolPB.class);
+    this.omVersion = RPC.getProtocolVersion(protocol);
     this.ugi = ugi;
     this.omServiceId = omServiceId;
+    this.protocolClass = protocol;
     loadOMClientConfigs(conf, this.omServiceId);
     this.delegationTokenService = computeDelegationTokenService();
 
@@ -171,20 +174,18 @@ public synchronized String getCurrentProxyOMNodeId() {
     return currentProxyOMNodeId;
   }
 
-  private OzoneManagerProtocolPB createOMProxy(InetSocketAddress omAddress)
-      throws IOException {
+  private T createOMProxy(InetSocketAddress omAddress) throws IOException {
     Configuration hadoopConf =
         LegacyHadoopConfigurationSource.asHadoopConfiguration(conf);
-    RPC.setProtocolEngine(hadoopConf, OzoneManagerProtocolPB.class,
-        ProtobufRpcEngine.class);
+    RPC.setProtocolEngine(hadoopConf, protocolClass, ProtobufRpcEngine.class);
 
     // FailoverOnNetworkException ensures that the IPC layer does not attempt
     // retries on the same OM in case of connection exception. This retry
     // policy essentially results in TRY_ONCE_THEN_FAIL.
     RetryPolicy connectionRetryPolicy = RetryPolicies
         .failoverOnNetworkException(0);
-    
-    return RPC.getProtocolProxy(OzoneManagerProtocolPB.class, omVersion,
+
+    return (T) RPC.getProtocolProxy(protocolClass, omVersion,
         omAddress, ugi, hadoopConf, NetUtils.getDefaultSocketFactory(
             hadoopConf), (int) OmUtils.getOMClientRpcTimeOut(conf),
         connectionRetryPolicy).getProxy();
@@ -197,7 +198,7 @@ private OzoneManagerProtocolPB createOMProxy(InetSocketAddress omAddress)
    * @return the OM proxy object to invoke methods upon
    */
   @Override
-  public synchronized ProxyInfo getProxy() {
+  public synchronized ProxyInfo<T> getProxy() {
     ProxyInfo currentProxyInfo = omProxies.get(currentProxyOMNodeId);
     if (currentProxyInfo == null) {
       currentProxyInfo = createOMProxy(currentProxyOMNodeId);
@@ -213,7 +214,7 @@ protected ProxyInfo createOMProxy(String nodeId) {
     InetSocketAddress address = omProxyInfo.getAddress();
     ProxyInfo proxyInfo;
     try {
-      OzoneManagerProtocolPB proxy = createOMProxy(address);
+      T proxy = createOMProxy(address);
       // Create proxyInfo here, to make it work with all Hadoop versions.
       proxyInfo = new ProxyInfo<>(proxy, omProxyInfo.toString());
       omProxies.put(nodeId, proxyInfo);
@@ -328,8 +329,8 @@ protected Text computeDelegationTokenService() {
   }
 
   @Override
-  public Class<OzoneManagerProtocolPB> getInterface() {
-    return OzoneManagerProtocolPB.class;
+  public Class<T> getInterface() {
+    return protocolClass;
   }
 
   /**
@@ -350,7 +351,7 @@ public Class<OzoneManagerProtocolPB> getInterface() {
    * failover again.
    */
   @Override
-  public void performFailover(OzoneManagerProtocolPB currentProxy) {
+  public void performFailover(T currentProxy) {
     if (LOG.isDebugEnabled()) {
       int currentIndex = getCurrentProxyIndex();
       LOG.debug("Failing over OM proxy to index: {}, nodeId: {}",
@@ -483,7 +484,7 @@ public synchronized boolean shouldFailover(Exception ex) {
    */
   @Override
   public synchronized void close() throws IOException {
-    for (ProxyInfo<OzoneManagerProtocolPB> proxyInfo : omProxies.values()) {
+    for (ProxyInfo<T> proxyInfo : omProxies.values()) {
       if (proxyInfo != null) {
         RPC.stopProxy(proxyInfo.proxy);
       }
@@ -496,7 +497,7 @@ public List<ProxyInfo> getOMProxies() {
   }
 
   @VisibleForTesting
-  public Map<String, ProxyInfo<OzoneManagerProtocolPB>> getOMProxyMap() {
+  public Map<String, ProxyInfo<T>> getOMProxyMap() {
     return omProxies;
   }
 
@@ -511,7 +512,7 @@ public List<OMProxyInfo> getOMProxyInfos() {
    * @param exception
    * @return OMLeaderNotReadyException
    */
-  private static OMLeaderNotReadyException getLeaderNotReadyException(
+  public static OMLeaderNotReadyException getLeaderNotReadyException(
       Exception exception) {
     Throwable cause = exception.getCause();
     if (cause instanceof RemoteException) {
@@ -544,7 +545,7 @@ public static OMNotLeaderException getNotLeaderException(
 
   @VisibleForTesting
   protected void setProxiesForTesting(
-      Map<String, ProxyInfo<OzoneManagerProtocolPB>> testOMProxies,
+      Map<String, ProxyInfo<T>> testOMProxies,
       Map<String, OMProxyInfo> testOMProxyInfos,
       List<String> testOMNodeIDList) {
     this.omProxies = testOMProxies;