org.apache.hadoop.hbase.security.access

Class SecureBulkLoadEndpoint

java.lang.Object

org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadService

org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint

All Implemented Interfaces:

com.google.protobuf.Service, Coprocessor, CoprocessorService

@InterfaceAudience.Private
public class SecureBulkLoadEndpoint
extends org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadService
implements CoprocessorService, Coprocessor

Coprocessor service for bulk loads in secure mode. This coprocessor has to be installed as part of enabling security in HBase. This service addresses two issues: 1. Moving files in a secure filesystem wherein the HBase Client and HBase Server are different filesystem users. 2. Does moving in a secure manner. Assuming that the filesystem is POSIX compliant. The algorithm is as follows: 1. Create an hbase owned staging directory which is world traversable (711): /hbase/staging 2. A user writes out data to his secure output directory: /user/foo/data 3. A call is made to hbase to create a secret staging directory which globally rwx (777): /user/staging/averylongandrandomdirectoryname 4. The user moves the data into the random staging directory, then calls bulkLoadHFiles() Like delegation tokens the strength of the security lies in the length and randomness of the secret directory.

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadService

org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadService.BlockingInterface, org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadService.Interface, org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadService.Stub

Nested classes/interfaces inherited from interface org.apache.hadoop.hbase.Coprocessor

Coprocessor.State

Field Summary

Fields

Modifier and Type	Field and Description
static long	VERSION

Fields inherited from interface org.apache.hadoop.hbase.Coprocessor

PRIORITY_HIGHEST, PRIORITY_LOWEST, PRIORITY_SYSTEM, PRIORITY_USER

Constructor Summary

Constructors

Constructor and Description
SecureBulkLoadEndpoint()

Method Summary

Methods

Modifier and Type	Method and Description
void	cleanupBulkLoad(com.google.protobuf.RpcController controller, org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.CleanupBulkLoadRequest request, com.google.protobuf.RpcCallback<org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.CleanupBulkLoadResponse> done)
com.google.protobuf.Service	getService()
void	prepareBulkLoad(com.google.protobuf.RpcController controller, org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.PrepareBulkLoadRequest request, com.google.protobuf.RpcCallback<org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.PrepareBulkLoadResponse> done)
void	secureBulkLoadHFiles(com.google.protobuf.RpcController controller, org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadHFilesRequest request, com.google.protobuf.RpcCallback<org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadHFilesResponse> done)
void	start(CoprocessorEnvironment env)
void	stop(CoprocessorEnvironment env)

Methods inherited from class org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadService

callMethod, getDescriptor, getDescriptorForType, getRequestPrototype, getResponsePrototype, newBlockingStub, newReflectiveBlockingService, newReflectiveService, newStub

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

VERSION

public static final long VERSION

See Also:

Constant Field Values

Constructor Detail

SecureBulkLoadEndpoint

public SecureBulkLoadEndpoint()

Method Detail

start

public void start(CoprocessorEnvironment env)

Specified by:

start in interface Coprocessor

stop

public void stop(CoprocessorEnvironment env)
          throws IOException

Specified by:

stop in interface Coprocessor

Throws:

IOException

prepareBulkLoad

public void prepareBulkLoad(com.google.protobuf.RpcController controller,
                   org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.PrepareBulkLoadRequest request,
                   com.google.protobuf.RpcCallback<org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.PrepareBulkLoadResponse> done)

Specified by:

prepareBulkLoad in class org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadService

cleanupBulkLoad

public void cleanupBulkLoad(com.google.protobuf.RpcController controller,
                   org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.CleanupBulkLoadRequest request,
                   com.google.protobuf.RpcCallback<org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.CleanupBulkLoadResponse> done)

Specified by:

cleanupBulkLoad in class org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadService

secureBulkLoadHFiles

public void secureBulkLoadHFiles(com.google.protobuf.RpcController controller,
                        org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadHFilesRequest request,
                        com.google.protobuf.RpcCallback<org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadHFilesResponse> done)

Specified by:

secureBulkLoadHFiles in class org.apache.hadoop.hbase.protobuf.generated.SecureBulkLoadProtos.SecureBulkLoadService

getService

public com.google.protobuf.Service getService()

Specified by:

getService in interface CoprocessorService