001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.apache.hadoop.hbase.http.log; 019 020import java.io.BufferedReader; 021import java.io.FileNotFoundException; 022import java.io.IOException; 023import java.io.InputStreamReader; 024import java.io.PrintWriter; 025import java.net.HttpURLConnection; 026import java.net.URL; 027import java.nio.charset.StandardCharsets; 028import java.util.Objects; 029import java.util.regex.Pattern; 030import javax.net.ssl.HttpsURLConnection; 031import javax.net.ssl.SSLSocketFactory; 032import javax.servlet.ServletException; 033import javax.servlet.http.HttpServlet; 034import javax.servlet.http.HttpServletRequest; 035import javax.servlet.http.HttpServletResponse; 036import org.apache.hadoop.HadoopIllegalArgumentException; 037import org.apache.hadoop.conf.Configuration; 038import org.apache.hadoop.conf.Configured; 039import org.apache.hadoop.hbase.http.HttpServer; 040import org.apache.hadoop.hbase.logging.Log4jUtils; 041import org.apache.hadoop.security.authentication.client.AuthenticatedURL; 042import org.apache.hadoop.security.authentication.client.KerberosAuthenticator; 043import org.apache.hadoop.security.ssl.SSLFactory; 044import org.apache.hadoop.util.HttpExceptionUtils; 045import org.apache.hadoop.util.ServletUtil; 046import org.apache.hadoop.util.Tool; 047import org.apache.yetus.audience.InterfaceAudience; 048import org.slf4j.Logger; 049import org.slf4j.LoggerFactory; 050 051/** 052 * Change log level in runtime. 053 */ 054@InterfaceAudience.Private 055public final class LogLevel { 056 private static final String USAGES = "\nUsage: General options are:\n" 057 + "\t[-getlevel <host:port> <classname> [-protocol (http|https)]\n" 058 + "\t[-setlevel <host:port> <classname> <level> [-protocol (http|https)]"; 059 060 public static final String PROTOCOL_HTTP = "http"; 061 public static final String PROTOCOL_HTTPS = "https"; 062 063 public static final String READONLY_LOGGERS_CONF_KEY = "hbase.ui.logLevels.readonly.loggers"; 064 065 /** 066 * A command line implementation 067 */ 068 public static void main(String[] args) throws Exception { 069 CLI cli = new CLI(new Configuration()); 070 System.exit(cli.run(args)); 071 } 072 073 /** 074 * Valid command line options. 075 */ 076 private enum Operations { 077 GETLEVEL, 078 SETLEVEL, 079 UNKNOWN 080 } 081 082 private static void printUsage() { 083 System.err.println(USAGES); 084 System.exit(-1); 085 } 086 087 public static boolean isValidProtocol(String protocol) { 088 return protocol.equals(PROTOCOL_HTTP) || protocol.equals(PROTOCOL_HTTPS); 089 } 090 091 static class CLI extends Configured implements Tool { 092 private Operations operation = Operations.UNKNOWN; 093 private String protocol; 094 private String hostName; 095 private String className; 096 private String level; 097 098 CLI(Configuration conf) { 099 setConf(conf); 100 } 101 102 @Override 103 public int run(String[] args) throws Exception { 104 try { 105 parseArguments(args); 106 sendLogLevelRequest(); 107 } catch (HadoopIllegalArgumentException e) { 108 printUsage(); 109 } 110 return 0; 111 } 112 113 /** 114 * Send HTTP request to the daemon. 115 * @throws HadoopIllegalArgumentException if arguments are invalid. 116 * @throws Exception if unable to connect 117 */ 118 private void sendLogLevelRequest() throws HadoopIllegalArgumentException, Exception { 119 switch (operation) { 120 case GETLEVEL: 121 doGetLevel(); 122 break; 123 case SETLEVEL: 124 doSetLevel(); 125 break; 126 default: 127 throw new HadoopIllegalArgumentException("Expect either -getlevel or -setlevel"); 128 } 129 } 130 131 public void parseArguments(String[] args) throws HadoopIllegalArgumentException { 132 if (args.length == 0) { 133 throw new HadoopIllegalArgumentException("No arguments specified"); 134 } 135 int nextArgIndex = 0; 136 while (nextArgIndex < args.length) { 137 switch (args[nextArgIndex]) { 138 case "-getlevel": 139 nextArgIndex = parseGetLevelArgs(args, nextArgIndex); 140 break; 141 case "-setlevel": 142 nextArgIndex = parseSetLevelArgs(args, nextArgIndex); 143 break; 144 case "-protocol": 145 nextArgIndex = parseProtocolArgs(args, nextArgIndex); 146 break; 147 default: 148 throw new HadoopIllegalArgumentException("Unexpected argument " + args[nextArgIndex]); 149 } 150 } 151 152 // if operation is never specified in the arguments 153 if (operation == Operations.UNKNOWN) { 154 throw new HadoopIllegalArgumentException("Must specify either -getlevel or -setlevel"); 155 } 156 157 // if protocol is unspecified, set it as http. 158 if (protocol == null) { 159 protocol = PROTOCOL_HTTP; 160 } 161 } 162 163 private int parseGetLevelArgs(String[] args, int index) throws HadoopIllegalArgumentException { 164 // fail if multiple operations are specified in the arguments 165 if (operation != Operations.UNKNOWN) { 166 throw new HadoopIllegalArgumentException("Redundant -getlevel command"); 167 } 168 // check number of arguments is sufficient 169 if (index + 2 >= args.length) { 170 throw new HadoopIllegalArgumentException("-getlevel needs two parameters"); 171 } 172 operation = Operations.GETLEVEL; 173 hostName = args[index + 1]; 174 className = args[index + 2]; 175 return index + 3; 176 } 177 178 private int parseSetLevelArgs(String[] args, int index) throws HadoopIllegalArgumentException { 179 // fail if multiple operations are specified in the arguments 180 if (operation != Operations.UNKNOWN) { 181 throw new HadoopIllegalArgumentException("Redundant -setlevel command"); 182 } 183 // check number of arguments is sufficient 184 if (index + 3 >= args.length) { 185 throw new HadoopIllegalArgumentException("-setlevel needs three parameters"); 186 } 187 operation = Operations.SETLEVEL; 188 hostName = args[index + 1]; 189 className = args[index + 2]; 190 level = args[index + 3]; 191 return index + 4; 192 } 193 194 private int parseProtocolArgs(String[] args, int index) throws HadoopIllegalArgumentException { 195 // make sure only -protocol is specified 196 if (protocol != null) { 197 throw new HadoopIllegalArgumentException("Redundant -protocol command"); 198 } 199 // check number of arguments is sufficient 200 if (index + 1 >= args.length) { 201 throw new HadoopIllegalArgumentException("-protocol needs one parameter"); 202 } 203 // check protocol is valid 204 protocol = args[index + 1]; 205 if (!isValidProtocol(protocol)) { 206 throw new HadoopIllegalArgumentException("Invalid protocol: " + protocol); 207 } 208 return index + 2; 209 } 210 211 /** 212 * Send HTTP request to get log level. 213 * @throws HadoopIllegalArgumentException if arguments are invalid. 214 * @throws Exception if unable to connect 215 */ 216 private void doGetLevel() throws Exception { 217 process(protocol + "://" + hostName + "/logLevel?log=" + className); 218 } 219 220 /** 221 * Send HTTP request to set log level. 222 * @throws HadoopIllegalArgumentException if arguments are invalid. 223 * @throws Exception if unable to connect 224 */ 225 private void doSetLevel() throws Exception { 226 process(protocol + "://" + hostName + "/logLevel?log=" + className + "&level=" + level); 227 } 228 229 /** 230 * Connect to the URL. Supports HTTP and supports SPNEGO authentication. It falls back to simple 231 * authentication if it fails to initiate SPNEGO. 232 * @param url the URL address of the daemon servlet 233 * @return a connected connection 234 * @throws Exception if it can not establish a connection. 235 */ 236 private HttpURLConnection connect(URL url) throws Exception { 237 AuthenticatedURL.Token token = new AuthenticatedURL.Token(); 238 AuthenticatedURL aUrl; 239 SSLFactory clientSslFactory; 240 HttpURLConnection connection; 241 // If https is chosen, configures SSL client. 242 if (PROTOCOL_HTTPS.equals(url.getProtocol())) { 243 clientSslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, this.getConf()); 244 clientSslFactory.init(); 245 SSLSocketFactory sslSocketF = clientSslFactory.createSSLSocketFactory(); 246 247 aUrl = new AuthenticatedURL(new KerberosAuthenticator(), clientSslFactory); 248 connection = aUrl.openConnection(url, token); 249 HttpsURLConnection httpsConn = (HttpsURLConnection) connection; 250 httpsConn.setSSLSocketFactory(sslSocketF); 251 } else { 252 aUrl = new AuthenticatedURL(new KerberosAuthenticator()); 253 connection = aUrl.openConnection(url, token); 254 } 255 connection.connect(); 256 return connection; 257 } 258 259 /** 260 * Configures the client to send HTTP request to the URL. Supports SPENGO for authentication. 261 * @param urlString URL and query string to the daemon's web UI 262 * @throws Exception if unable to connect 263 */ 264 private void process(String urlString) throws Exception { 265 URL url = new URL(urlString); 266 System.out.println("Connecting to " + url); 267 268 HttpURLConnection connection = connect(url); 269 270 HttpExceptionUtils.validateResponse(connection, 200); 271 272 // read from the servlet 273 274 try ( 275 InputStreamReader streamReader = 276 new InputStreamReader(connection.getInputStream(), StandardCharsets.UTF_8); 277 BufferedReader bufferedReader = new BufferedReader(streamReader)) { 278 bufferedReader.lines().filter(Objects::nonNull).filter(line -> line.startsWith(MARKER)) 279 .forEach(line -> System.out.println(TAG.matcher(line).replaceAll(""))); 280 } catch (IOException ioe) { 281 System.err.println("" + ioe); 282 } 283 } 284 } 285 286 private static final String MARKER = "<!-- OUTPUT -->"; 287 private static final Pattern TAG = Pattern.compile("<[^>]*>"); 288 289 /** 290 * A servlet implementation 291 */ 292 @InterfaceAudience.Private 293 public static class Servlet extends HttpServlet { 294 private static final long serialVersionUID = 1L; 295 296 @Override 297 public void doGet(HttpServletRequest request, HttpServletResponse response) 298 throws ServletException, IOException { 299 // Do the authorization 300 if (!HttpServer.hasAdministratorAccess(getServletContext(), request, response)) { 301 return; 302 } 303 // Disallow modification of the LogLevel if explicitly set to readonly 304 Configuration conf = 305 (Configuration) getServletContext().getAttribute(HttpServer.CONF_CONTEXT_ATTRIBUTE); 306 if (conf.getBoolean("hbase.master.ui.readonly", false)) { 307 sendError(response, HttpServletResponse.SC_FORBIDDEN, 308 "Modification of HBase via the UI is disallowed in configuration."); 309 return; 310 } 311 response.setContentType("text/html"); 312 PrintWriter out; 313 try { 314 String headerPath = "header.jsp?pageTitle=Log Level"; 315 request.getRequestDispatcher(headerPath).include(request, response); 316 out = response.getWriter(); 317 } catch (FileNotFoundException e) { 318 // in case file is not found fall back to old design 319 out = ServletUtil.initHTML(response, "Log Level"); 320 } 321 out.println(FORMS); 322 323 String logName = ServletUtil.getParameter(request, "log"); 324 String level = ServletUtil.getParameter(request, "level"); 325 326 String[] readOnlyLogLevels = conf.getStrings(READONLY_LOGGERS_CONF_KEY); 327 328 if (logName != null) { 329 out.println("<h2>Results</h2>"); 330 out.println(MARKER + "Submitted Log Name: <b>" + logName + "</b><br />"); 331 332 Logger log = LoggerFactory.getLogger(logName); 333 out.println(MARKER + "Log Class: <b>" + log.getClass().getName() + "</b><br />"); 334 if (level != null) { 335 if (!isLogLevelChangeAllowed(logName, readOnlyLogLevels)) { 336 sendError(response, HttpServletResponse.SC_PRECONDITION_FAILED, 337 "Modification of logger " + logName + " is disallowed in configuration."); 338 return; 339 } 340 341 out.println(MARKER + "Submitted Level: <b>" + level + "</b><br />"); 342 } 343 process(log, level, out); 344 } 345 346 try { 347 String footerPath = "footer.jsp"; 348 out.println("</div>"); 349 request.getRequestDispatcher(footerPath).include(request, response); 350 } catch (FileNotFoundException e) { 351 out.println(ServletUtil.HTML_TAIL); 352 } 353 out.close(); 354 } 355 356 private boolean isLogLevelChangeAllowed(String logger, String[] readOnlyLogLevels) { 357 if (readOnlyLogLevels == null) { 358 return true; 359 } 360 for (String readOnlyLogLevel : readOnlyLogLevels) { 361 if (logger.startsWith(readOnlyLogLevel)) { 362 return false; 363 } 364 } 365 return true; 366 } 367 368 private void sendError(HttpServletResponse response, int code, String message) 369 throws IOException { 370 response.setStatus(code, message); 371 response.sendError(code, message); 372 } 373 374 static final String FORMS = "<div class='container-fluid content'>\n" 375 + "<div class='row inner_header top_header'>\n" + "<div class='page-header'>\n" 376 + "<h1>Get/Set Log Level</h1>\n" + "</div>\n" + "</div>\n" + "\n" + "<h2>Actions</h2>\n" 377 + "\n" + "<div class='row mb-4'>\n" + "<div class='col'>\n" 378 + "<form class='row g-3 align-items-center justify-content-center'>\n" 379 + "<div class='col-sm-auto'>\n" 380 + "<button type='submit' class='btn btn-primary'>Get Log Level</button>\n" + "</div>\n" 381 + " <div class='col-sm-auto'>\n" 382 + "<input type='text' name='log' class='form-control' size='50'" 383 + " required='required' placeholder='Log Name (required)'>\n" + "</div>\n" 384 + " <div class='col-sm-auto'>\n" 385 + "<span>Gets the current log level for the specified log name.</span>\n" + "</div>\n" 386 + "</form>\n" + "</div>\n" + "</div>\n" + "\n" + "<div class='row'>\n" + "<div class='col'>\n" 387 + "\n" + "<form class='row g-3 align-items-center justify-content-center'>\n" 388 + "<div class='col-sm-auto'>\n" 389 + "<button type='submit' class='btn btn-primary'>Set Log Level</button>\n" + "</div>\n" 390 + "<div class='col-sm-auto'>\n" 391 + "<input type='text' name='log' class='form-control mb-2' size='50'" 392 + " required='required' placeholder='Log Name (required)'>\n" 393 + "<input type='text' name='level' class='form-control' size='50'" 394 + " required='required' placeholder='Log Level (required)'>\n" + "</div>\n" 395 + "<div class='col-sm-auto'>\n" 396 + "<span>Sets the specified log level for the specified log name.</span>\n" + "</div>\n" 397 + "</form>\n" + "\n" + "</div>\n" + "</div>" + "<hr>\n"; 398 399 private static void process(Logger logger, String levelName, PrintWriter out) { 400 if (levelName != null) { 401 try { 402 Log4jUtils.setLogLevel(logger.getName(), levelName); 403 out.println(MARKER + "<div class='text-success'>" + "Setting Level to <strong>" 404 + levelName + "</strong> ...<br />" + "</div>"); 405 } catch (IllegalArgumentException e) { 406 out.println(MARKER + "<div class='text-danger'>" + "Bad level : <strong>" + levelName 407 + "</strong><br />" + "</div>"); 408 } 409 } 410 out.println(MARKER + "Effective level: <b>" + Log4jUtils.getEffectiveLevel(logger.getName()) 411 + "</b><br />"); 412 } 413 } 414 415 private LogLevel() { 416 } 417}