Java tutorial
/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.hadoop.registry.client.api; import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.classification.InterfaceStability; /** * Constants for the registry, including configuration keys and default * values. */ @InterfaceAudience.Public @InterfaceStability.Evolving public interface RegistryConstants { /** * prefix for registry configuration options: {@value}. * Why <code>hadoop.</code> and not YARN? It can * live outside YARN */ String REGISTRY_PREFIX = "hadoop.registry."; /** * Prefix for zookeeper-specific options: {@value} * <p> * For clients using other protocols, these options are not supported. */ String ZK_PREFIX = REGISTRY_PREFIX + "zk."; /** * Prefix for dns-specific options: {@value} * <p> * For clients using other protocols, these options are not supported. */ String DNS_PREFIX = REGISTRY_PREFIX + "dns."; /** * flag to indicate whether or not the registry should * be enabled in the RM: {@value}. */ String KEY_DNS_ENABLED = DNS_PREFIX + "enabled"; /** * Defaut value for enabling the DNS in the Registry: {@value}. */ boolean DEFAULT_DNS_ENABLED = false; /** * DNS domain name key. */ String KEY_DNS_DOMAIN = DNS_PREFIX + "domain-name"; /** * Max length of a label (node delimited by a dot in the FQDN). */ int MAX_FQDN_LABEL_LENGTH = 63; /** * DNS bind address. */ String KEY_DNS_BIND_ADDRESS = DNS_PREFIX + "bind-address"; /** * DNS port number key. */ String KEY_DNS_PORT = DNS_PREFIX + "bind-port"; /** * Default DNS port number. */ int DEFAULT_DNS_PORT = 5335; /** * DNSSEC Enabled? */ String KEY_DNSSEC_ENABLED = DNS_PREFIX + "dnssec.enabled"; /** * DNSSEC Enabled? */ String KEY_DNSSEC_PUBLIC_KEY = DNS_PREFIX + "public-key"; /** * DNSSEC private key file. */ String KEY_DNSSEC_PRIVATE_KEY_FILE = DNS_PREFIX + "private-key-file"; /** * Default DNSSEC private key file path. */ String DEFAULT_DNSSEC_PRIVATE_KEY_FILE = "/etc/hadoop/conf/registryDNS.private"; /** * Zone subnet. */ String KEY_DNS_ZONE_SUBNET = DNS_PREFIX + "zone-subnet"; /** * Zone subnet mask. */ String KEY_DNS_ZONE_MASK = DNS_PREFIX + "zone-mask"; /** * Zone subnet IP min. */ String KEY_DNS_ZONE_IP_MIN = DNS_PREFIX + "zone-ip-min"; /** * Zone subnet IP max. */ String KEY_DNS_ZONE_IP_MAX = DNS_PREFIX + "zone-ip-max"; /** * DNS Record TTL. */ String KEY_DNS_TTL = DNS_PREFIX + "dns-ttl"; /** * DNS Record TTL. */ String KEY_DNS_ZONES_DIR = DNS_PREFIX + "zones-dir"; /** * Split Reverse Zone. * It may be necessary to spit large reverse zone subnets * into multiple zones to handle existing hosts collocated * with containers. */ String KEY_DNS_SPLIT_REVERSE_ZONE = DNS_PREFIX + "split-reverse-zone"; /** * Default value for splitting the reverse zone. */ boolean DEFAULT_DNS_SPLIT_REVERSE_ZONE = false; /** * Split Reverse Zone IP Range. * How many IPs should be part of each reverse zone split */ String KEY_DNS_SPLIT_REVERSE_ZONE_RANGE = DNS_PREFIX + "split-reverse-zone-range"; /** * Key to set if the registry is secure: {@value}. * Turning it on changes the permissions policy from "open access" * to restrictions on kerberos with the option of * a user adding one or more auth key pairs down their * own tree. */ String KEY_REGISTRY_SECURE = REGISTRY_PREFIX + "secure"; /** * Default registry security policy: {@value}. */ boolean DEFAULT_REGISTRY_SECURE = false; /** * Root path in the ZK tree for the registry: {@value}. */ String KEY_REGISTRY_ZK_ROOT = ZK_PREFIX + "root"; /** * Default root of the yarn registry: {@value}. */ String DEFAULT_ZK_REGISTRY_ROOT = "/registry"; /** * Registry client authentication policy. * <p> * This is only used in secure clusters. * <p> * If the Factory methods of {@link RegistryOperationsFactory} * are used, this key does not need to be set: it is set * up based on the factory method used. */ String KEY_REGISTRY_CLIENT_AUTH = REGISTRY_PREFIX + "client.auth"; /** * Registry client uses Kerberos: authentication is automatic from * logged in user. */ String REGISTRY_CLIENT_AUTH_KERBEROS = "kerberos"; /** * Username/password is the authentication mechanism. * If set then both {@link #KEY_REGISTRY_CLIENT_AUTHENTICATION_ID} * and {@link #KEY_REGISTRY_CLIENT_AUTHENTICATION_PASSWORD} must be set. */ String REGISTRY_CLIENT_AUTH_DIGEST = "digest"; /** * No authentication; client is anonymous. */ String REGISTRY_CLIENT_AUTH_ANONYMOUS = ""; String REGISTRY_CLIENT_AUTH_SIMPLE = "simple"; /** * Registry client authentication ID. * <p> * This is only used in secure clusters with * {@link #KEY_REGISTRY_CLIENT_AUTH} set to * {@link #REGISTRY_CLIENT_AUTH_DIGEST} * */ String KEY_REGISTRY_CLIENT_AUTHENTICATION_ID = KEY_REGISTRY_CLIENT_AUTH + ".id"; /** * Registry client authentication password. * <p> * This is only used in secure clusters with the client set to * use digest (not SASL or anonymouse) authentication. * <p> * Specifically, {@link #KEY_REGISTRY_CLIENT_AUTH} set to * {@link #REGISTRY_CLIENT_AUTH_DIGEST} * */ String KEY_REGISTRY_CLIENT_AUTHENTICATION_PASSWORD = KEY_REGISTRY_CLIENT_AUTH + ".password"; /** * List of hostname:port pairs defining the * zookeeper quorum binding for the registry {@value}. */ String KEY_REGISTRY_ZK_QUORUM = ZK_PREFIX + "quorum"; /** * The default zookeeper quorum binding for the registry: {@value}. */ String DEFAULT_REGISTRY_ZK_QUORUM = "localhost:2181"; /** * Zookeeper session timeout in milliseconds: {@value}. */ String KEY_REGISTRY_ZK_SESSION_TIMEOUT = ZK_PREFIX + "session.timeout.ms"; /** * The default ZK session timeout: {@value}. */ int DEFAULT_ZK_SESSION_TIMEOUT = 60000; /** * Zookeeper connection timeout in milliseconds: {@value}. */ String KEY_REGISTRY_ZK_CONNECTION_TIMEOUT = ZK_PREFIX + "connection.timeout.ms"; /** * The default ZK connection timeout: {@value}. */ int DEFAULT_ZK_CONNECTION_TIMEOUT = 15000; /** * Zookeeper connection retry count before failing: {@value}. */ String KEY_REGISTRY_ZK_RETRY_TIMES = ZK_PREFIX + "retry.times"; /** * The default # of times to retry a ZK connection: {@value}. */ int DEFAULT_ZK_RETRY_TIMES = 5; /** * Zookeeper connect interval in milliseconds: {@value}. */ String KEY_REGISTRY_ZK_RETRY_INTERVAL = ZK_PREFIX + "retry.interval.ms"; /** * The default interval between connection retries: {@value}. */ int DEFAULT_ZK_RETRY_INTERVAL = 1000; /** * Zookeeper retry limit in milliseconds, during * exponential backoff: {@value}. * * This places a limit even * if the retry times and interval limit, combined * with the backoff policy, result in a long retry * period * */ String KEY_REGISTRY_ZK_RETRY_CEILING = ZK_PREFIX + "retry.ceiling.ms"; /** * Default limit on retries: {@value}. */ int DEFAULT_ZK_RETRY_CEILING = 60000; /** * A comma separated list of Zookeeper ACL identifiers with * system access to the registry in a secure cluster: {@value}. * * These are given full access to all entries. * * If there is an "@" at the end of an entry it * instructs the registry client to append the kerberos realm as * derived from the login and {@link #KEY_REGISTRY_KERBEROS_REALM}. */ String KEY_REGISTRY_SYSTEM_ACCOUNTS = REGISTRY_PREFIX + "system.accounts"; /** * Default system accounts given global access to the registry: {@value}. */ String DEFAULT_REGISTRY_SYSTEM_ACCOUNTS = "sasl:yarn@, sasl:mapred@, sasl:hdfs@, sasl:hadoop@"; /** * A comma separated list of Zookeeper ACL identifiers with * system access to the registry in a secure cluster: {@value}. * * These are given full access to all entries. * * If there is an "@" at the end of an entry it * instructs the registry client to append the default kerberos domain. */ String KEY_REGISTRY_USER_ACCOUNTS = REGISTRY_PREFIX + "user.accounts"; /** * Default system acls: {@value}. */ String DEFAULT_REGISTRY_USER_ACCOUNTS = ""; /** * The kerberos realm: {@value}. * * This is used to set the realm of * system principals which do not declare their realm, * and any other accounts that need the value. * * If empty, the default realm of the running process * is used. * * If neither are known and the realm is needed, then the registry * service/client will fail. */ String KEY_REGISTRY_KERBEROS_REALM = REGISTRY_PREFIX + "kerberos.realm"; /** * Key to define the JAAS context. Used in secure registries: {@value}. */ String KEY_REGISTRY_CLIENT_JAAS_CONTEXT = REGISTRY_PREFIX + "jaas.context"; /** * default client-side registry JAAS context: {@value}. */ String DEFAULT_REGISTRY_CLIENT_JAAS_CONTEXT = "Client"; /** * path to users off the root: {@value}. */ String PATH_USERS = "/users/"; /** * path to system services off the root : {@value}. */ String PATH_SYSTEM_SERVICES = "/services/"; /** * path to system services under a user's home path : {@value}. */ String PATH_USER_SERVICES = "/services/"; /** * path under a service record to point to components of that service: * {@value}. */ String SUBPATH_COMPONENTS = "/components/"; }