HDDS-4980. Bump jaeger-client to 1.6.0

[smengcl]

https://issues.apache.org/jira/browse/HDDS-4980

Bump jaeger-client to 1.5.1 which should include libthrift 0.14.1 that addresses CVE-2020-13949.

[smengcl]

dep tree looks good with the current patch:

$ mvn dependency:tree
...
[INFO] +- io.jaegertracing:jaeger-client:jar:1.2.0:compile
[INFO] |  +- io.jaegertracing:jaeger-thrift:jar:1.2.0:compile
[INFO] |  |  +- org.apache.thrift:libthrift:jar:0.14.1:compile
...

[smengcl]

mvn build looks fine as well:

$ find hadoop-ozone/dist/target -iname "*thrift*"
hadoop-ozone/dist/target/ozone-1.1.0-SNAPSHOT/share/ozone/lib/libthrift-0.14.1.jar
hadoop-ozone/dist/target/ozone-1.1.0-SNAPSHOT/share/ozone/lib/jaeger-thrift-1.2.0.jar

[adoroszlai]

Thanks @smengcl for working on this. Unfortunately it doesn't seem to work with the current version of Jaeger.

cd hadoop-ozone/dist/target/ozone-1.1.0-SNAPSHOT/compose/ozone
export COMPOSE_FILE=docker-compose.yaml:monitoring.yaml
docker-compose up -d --scale datanode=3

Result (same for all services):

datanode_1    | java.lang.NoSuchMethodError: 'void org.apache.thrift.transport.AutoExpandingBufferWriteTransport.<init>(int, int)'
datanode_1    | 	at io.jaegertracing.thrift.internal.senders.ThriftSenderBase.<init>(ThriftSenderBase.java:67)
datanode_1    | 	at io.jaegertracing.thrift.internal.senders.ThriftSender.<init>(ThriftSender.java:41)
datanode_1    | 	at io.jaegertracing.thrift.internal.senders.UdpSender.<init>(UdpSender.java:47)
datanode_1    | 	at io.jaegertracing.thrift.internal.senders.ThriftSenderFactory.getSender(ThriftSenderFactory.java:36)
datanode_1    | 	at io.jaegertracing.internal.senders.SenderResolver.getSenderFromFactory(SenderResolver.java:110)
datanode_1    | 	at io.jaegertracing.internal.senders.SenderResolver.resolve(SenderResolver.java:88)
datanode_1    | 	at io.jaegertracing.Configuration$SenderConfiguration.getSender(Configuration.java:696)
datanode_1    | 	at io.jaegertracing.Configuration$ReporterConfiguration.getReporter(Configuration.java:593)
datanode_1    | 	at io.jaegertracing.Configuration$ReporterConfiguration.access$000(Configuration.java:553)
datanode_1    | 	at io.jaegertracing.Configuration.getTracerBuilder(Configuration.java:230)
datanode_1    | 	at org.apache.hadoop.hdds.tracing.TracingUtil.initTracing(TracingUtil.java:53)

So I guess we need to wait for new Jaeger release.

[smengcl]

@adoroszlai thanks for checking. i tried to bump jaeger-client from 1.2.0 to 1.5.0 but the result is the same. i guess we have to wait for a new jaeger java client release.

blocked on jaegertracing/jaeger-client-java#768

[smengcl]

Waiting for a new jaeger-client release.

[smengcl]

There should be a 1.6.0 release soon:

jaegertracing/jaeger-client-java#774 (comment)

Retrigger CI when it releases.

[smengcl]

1.6.0 tagged but not released yet:
https://github.com/jaegertracing/jaeger-client-java/releases
https://mvnrepository.com/artifact/io.jaegertracing/jaeger-client

Should expect a release in ~1 week?

[smengcl]

1.6.0 released. Retriggering CI.

[adoroszlai]

@smengcl Thanks for updating the patch. Tracing looks good now. I've noticed this error in S3 Gateway log:

s3g_1         | 07:46:42.267 [main] ERROR org.jboss.weld.environment.servletTomcat - WELD-ENV-001102: Unable to replace Tomcat 7 AnnotationProcessor. CDI injection will not be available in Servlets, Filters, or Listeners.
s3g_1         | java.lang.RuntimeException: WELD-ENV-001104: Cannot get StandardContext from ServletContext.
s3g_1         | 	at org.jboss.weld.environment.tomcat.WeldForwardingInstanceManager.getStandardContext(WeldForwardingInstanceManager.java:104) ~[weld-servlet-2.4.7.Final.jar:2.4.7.Final]
s3g_1         | 	at org.jboss.weld.environment.tomcat.WeldForwardingInstanceManager.replaceInstanceManager(WeldForwardingInstanceManager.java:84) ~[weld-servlet-2.4.7.Final.jar:2.4.7.Final]
s3g_1         | 	at org.jboss.weld.environment.tomcat.TomcatContainer.initialize(TomcatContainer.java:43) [weld-servlet-2.4.7.Final.jar:2.4.7.Final]
s3g_1         | 	at org.jboss.weld.environment.servlet.WeldServletLifecycle.initialize(WeldServletLifecycle.java:220) [weld-servlet-2.4.7.Final.jar:2.4.7.Final]
s3g_1         | 	at org.jboss.weld.environment.servlet.Listener.contextInitialized(Listener.java:125) [weld-servlet-2.4.7.Final.jar:2.4.7.Final]
s3g_1         | 	at org.eclipse.jetty.server.handler.ContextHandler.callContextInitialized(ContextHandler.java:1068) [jetty-server-9.4.35.v20201120.jar:9.4.35.v20201120]
s3g_1         | 	at org.eclipse.jetty.servlet.ServletContextHandler.callContextInitialized(ServletContextHandler.java:572) [jetty-servlet-9.4.35.v20201120.jar:9.4.35.v20201120]
s3g_1         | 	at org.eclipse.jetty.server.handler.ContextHandler.contextInitialized(ContextHandler.java:997) [jetty-server-9.4.35.v20201120.jar:9.4.35.v20201120]
s3g_1         | 	at org.eclipse.jetty.servlet.ServletHandler.initialize(ServletHandler.java:746) [jetty-servlet-9.4.35.v20201120.jar:9.4.35.v20201120]
...
s3g_1         | 	at org.eclipse.jetty.server.Server.doStart(Server.java:387) [jetty-server-9.4.35.v20201120.jar:9.4.35.v20201120]
s3g_1         | 	at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) [jetty-util-9.4.35.v20201120.jar:9.4.35.v20201120]
s3g_1         | 	at org.apache.hadoop.hdds.server.http.HttpServer2.start(HttpServer2.java:1187) [hadoop-hdds-server-framework-1.1.0-SNAPSHOT.jar:?]
s3g_1         | 	at org.apache.hadoop.hdds.server.http.BaseHttpServer.start(BaseHttpServer.java:295) [hadoop-hdds-server-framework-1.1.0-SNAPSHOT.jar:?]
s3g_1         | 	at org.apache.hadoop.ozone.s3.Gateway.start(Gateway.java:69) [hadoop-ozone-s3gateway-1.1.0-SNAPSHOT.jar:?]
s3g_1         | 	at org.apache.hadoop.ozone.s3.Gateway.call(Gateway.java:58) [hadoop-ozone-s3gateway-1.1.0-SNAPSHOT.jar:?]
s3g_1         | 	at org.apache.hadoop.ozone.s3.Gateway.call(Gateway.java:37) [hadoop-ozone-s3gateway-1.1.0-SNAPSHOT.jar:?]
...
s3g_1         | 	at org.apache.hadoop.hdds.cli.GenericCli.run(GenericCli.java:87) [hadoop-hdds-common-1.1.0-SNAPSHOT.jar:?]
s3g_1         | 	at org.apache.hadoop.ozone.s3.Gateway.main(Gateway.java:48) [hadoop-ozone-s3gateway-1.1.0-SNAPSHOT.jar:?]
s3g_1         | Caused by: java.lang.ClassCastException: class org.eclipse.jetty.webapp.WebAppContext$Context cannot be cast to class org.apache.catalina.core.ApplicationContextFacade (org.eclipse.jetty.webapp.WebAppContext$Context and org.apache.catalina.core.ApplicationContextFacade are in unnamed module of loader 'app')
s3g_1         | 	at org.jboss.weld.environment.tomcat.WeldForwardingInstanceManager.getStandardContext(WeldForwardingInstanceManager.java:101) ~[weld-servlet-2.4.7.Final.jar:2.4.7.Final]
s3g_1         | 	... 41 more

[smengcl]

@adoroszlai Interesting find. I've observed the same. Though create-bucket through S3 Gateway still works (no security):

aws s3api --endpoint http://127.0.0.1:9878 create-bucket --bucket buck1

2021-04-08 22:55:44,193 [main] INFO http.BaseHttpServer: HTTP server of s3gateway listening at http://0.0.0.0:9878
2021-04-08 22:57:42,194 [qtp1223850219-23] INFO rpc.RpcClient: Creating Bucket: s3v/buck1, with Versioning false and Storage Type set to DISK and Encryption set to false
2021-04-08 22:57:42,387 [qtp1223850219-23] INFO endpoint.BucketEndpoint: Location is /buck1

The Web UI is probably broken. When I switch back to 1.2.0, the message is gone.

[smengcl]

I think it's new libthrift's tomcat-embed-core dependency that messed up the class loader:

[INFO] +- io.jaegertracing:jaeger-client:jar:1.6.0:compile
[INFO] |  +- io.jaegertracing:jaeger-thrift:jar:1.6.0:compile
[INFO] |  |  +- org.apache.thrift:libthrift:jar:0.14.1:compile
[INFO] |  |  |  \- org.apache.tomcat.embed:tomcat-embed-core:jar:8.5.46:compile
[INFO] |  |  |     \- org.apache.tomcat:tomcat-annotations-api:jar:8.5.46:compile
[INFO] |  |  \- com.squareup.okhttp3:okhttp:jar:4.9.0:compile
[INFO] |  |     +- com.squareup.okio:okio:jar:2.8.0:compile
[INFO] |  |     |  \- org.jetbrains.kotlin:kotlin-stdlib-common:jar:1.4.0:compile
[INFO] |  |     \- org.jetbrains.kotlin:kotlin-stdlib:jar:1.4.10:compile
[INFO] |  |        \- org.jetbrains:annotations:jar:13.0:compile

org.apache.catalina.core.ApplicationContextFacade is included in tomcat-embed-core-8.5.46.jar

@adoroszlai we should somehow exclude that from s3 gateway / hdds common? or just shade jaeger-client entirely to prevent this

[smengcl]

Thanks @adoroszlai for adding the exclusion. I have verified S3 gateway startup error is gone with the exclusion of tomcat-embed-core locally in docker-compose.