[ozone] branch master updated: HDDS-5245. Fix OzoneContainer TLS configuration. (#2264)

bharat Wed, 19 May 2021 02:41:00 -0700

This is an automated email from the ASF dual-hosted git repository.

bharat pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git



The following commit(s) were added to refs/heads/master by this push:
     new 30fe6ea  HDDS-5245. Fix OzoneContainer TLS configuration. (#2264)
30fe6ea is described below

commit 30fe6ea00486a605d8ee48a16bd550d53e97c437
Author: Xiaoyu Yao <[email protected]>
AuthorDate: Wed May 19 02:40:36 2021 -0700

    HDDS-5245. Fix OzoneContainer TLS configuration. (#2264)
---
 .../hadoop/ozone/container/ozoneimpl/OzoneContainer.java  | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git 
a/hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/ozoneimpl/OzoneContainer.java
 
b/hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/ozoneimpl/OzoneContainer.java
index c9d645f..4177981 100644
--- 
a/hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/ozoneimpl/OzoneContainer.java
+++ 
b/hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/ozoneimpl/OzoneContainer.java
@@ -37,7 +37,6 @@ import 
org.apache.hadoop.hdds.protocol.proto.StorageContainerDatanodeProtocolPro
 import 
org.apache.hadoop.hdds.protocol.proto.StorageContainerDatanodeProtocolProtos.ContainerReplicaProto;
 import 
org.apache.hadoop.hdds.protocol.proto.StorageContainerDatanodeProtocolProtos.IncrementalContainerReportProto;
 import 
org.apache.hadoop.hdds.protocol.proto.StorageContainerDatanodeProtocolProtos.PipelineReportsProto;
-import org.apache.hadoop.hdds.ratis.RatisHelper;
 import org.apache.hadoop.hdds.security.token.TokenVerifier;
 import org.apache.hadoop.hdds.security.x509.SecurityConfig;
 import 
org.apache.hadoop.hdds.security.x509.certificate.client.CertificateClient;
@@ -174,14 +173,16 @@ public class OzoneContainer {
         new BlockDeletingService(this, svcInterval.toMillis(), serviceTimeout,
             TimeUnit.MILLISECONDS, config);
 
-    List< X509Certificate > x509Certificates = null;
-    if (certClient != null) {
-      x509Certificates = HAUtils.buildCAX509List(certClient, conf);
+    if (certClient != null && secConf.isGrpcTlsEnabled()) {
+      List<X509Certificate> x509Certificates =
+          HAUtils.buildCAX509List(certClient, conf);
+      tlsClientConfig = new GrpcTlsConfig(
+          certClient.getPrivateKey(), certClient.getCertificate(),
+          x509Certificates, true);
+    } else {
+      tlsClientConfig = null;
     }
 
-    tlsClientConfig = RatisHelper.createTlsClientConfig(secConf,
-        x509Certificates);
-
     initializingStatus =
         new AtomicReference<>(InitializingStatus.UNINITIALIZED);
   }

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[ozone] branch master updated: HDDS-5245. Fix OzoneContainer TLS configuration. (#2264)

Reply via email to