hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xiao Chen (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-13437) KMS should reload whitelist and default key ACLs when hot-reloading
Date Thu, 25 May 2017 07:07:04 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-13437?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16024322#comment-16024322
] 

Xiao Chen commented on HADOOP-13437:
------------------------------------

Thanks [~shahrs87] for the ping and [~kihwal] for the backport. Sorry I was on leave until
today.

Mixed feeling on backporting to earlier than branch-2 unless its critical/blocker, but I guess
it depends on each fix. On the flip side, below is the jira that's fixed recently regarding
KMS: 
HADOOP-12559.
HADOOP-11722.
HADOOP-13251.
HADOOP-13155.
YARN-5048. 
YARN-3055.
HADOOP-13487.
HADOOP-13255.
HADOOP-13132.
HADOOP-12659.
HADOOP-13381.
HADOOP-13437.
HADOOP-12682.
HADOOP-12901.
HADOOP-13638.
HADOOP-12453.
HADOOP-13838.
HADOOP-8751. 

There were also some encryption related fixes but I think checking history of TestEncryptionZones
(and similar) classes should show.
I didn't manage to go through each jira about 2.8/2.7/2.6 inclusion, but feel free to ping
me on the jira if you see it should be backported.

Hope this helps.

> KMS should reload whitelist and default key ACLs when hot-reloading
> -------------------------------------------------------------------
>
>                 Key: HADOOP-13437
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13437
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: kms
>    Affects Versions: 2.6.0
>            Reporter: Xiao Chen
>            Assignee: Xiao Chen
>             Fix For: 2.9.0, 3.0.0-alpha1, 2.8.2
>
>         Attachments: HADOOP-13437.01.patch, HADOOP-13437.02.patch, HADOOP-13437.03.patch,
HADOOP-13437.04.patch, HADOOP-13437.05.patch
>
>
> When hot-reloading, {{KMSACLs#setKeyACLs}} ignores whitelist and default key entries
if they're present in memory.
> We should reload them, hot-reload and cold-start should not have any difference in behavior.
> Credit to [~dilaver] for finding this.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message