This is an automated email from the ASF dual-hosted git repository. ckj pushed a commit to branch ozone-1.3 in repository https://gitbox.apache.org/repos/asf/ozone.git
commit 671b7147fc4c1cf837befdc403266ba3d88d7ac9 Author: Jie Yao <[email protected]> AuthorDate: Thu Oct 20 14:33:00 2022 +0800 HDDS-7355. non-primordial scm fail to get signed cert from primordial SCM when converting an unsecure cluster to secure (#3859) --- .../hadoop/hdds/scm/server/StorageContainerManager.java | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java index 1f57b4ffea..09844681ab 100644 --- a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java +++ b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java @@ -1072,7 +1072,8 @@ public final class StorageContainerManager extends ServiceRuntimeInfoImpl scmStorageConfig.getScmId()); // Initialize security if security is enabled later. - initializeSecurityIfNeeded(conf, scmhaNodeDetails, scmStorageConfig); + initializeSecurityIfNeeded( + conf, scmhaNodeDetails, scmStorageConfig, false); return true; } @@ -1097,7 +1098,8 @@ public final class StorageContainerManager extends ServiceRuntimeInfoImpl } // Initialize security if security is enabled later. - initializeSecurityIfNeeded(conf, scmhaNodeDetails, scmStorageConfig); + initializeSecurityIfNeeded( + conf, scmhaNodeDetails, scmStorageConfig, false); } else { try { @@ -1136,14 +1138,15 @@ public final class StorageContainerManager extends ServiceRuntimeInfoImpl * @param scmStorageConfig * @throws IOException */ - private static void initializeSecurityIfNeeded(OzoneConfiguration conf, - SCMHANodeDetails scmhaNodeDetails, SCMStorageConfig scmStorageConfig) + private static void initializeSecurityIfNeeded( + OzoneConfiguration conf, SCMHANodeDetails scmhaNodeDetails, + SCMStorageConfig scmStorageConfig, boolean isPrimordial) throws IOException { // Initialize security if security is enabled later. if (OzoneSecurityUtil.isSecurityEnabled(conf) && scmStorageConfig.getScmCertSerialId() == null) { HASecurityUtils.initializeSecurity(scmStorageConfig, conf, - getScmAddress(scmhaNodeDetails, conf), true); + getScmAddress(scmhaNodeDetails, conf), isPrimordial); scmStorageConfig.forceInitialize(); LOG.info("SCM unsecure cluster is converted to secure cluster. " + "Persisted SCM Certificate SerialID {}", @@ -1233,7 +1236,7 @@ public final class StorageContainerManager extends ServiceRuntimeInfoImpl final boolean isSCMHAEnabled = scmStorageConfig.isSCMHAEnabled(); // Initialize security if security is enabled later. - initializeSecurityIfNeeded(conf, haDetails, scmStorageConfig); + initializeSecurityIfNeeded(conf, haDetails, scmStorageConfig, true); if (SCMHAUtils.isSCMHAEnabled(conf) && !isSCMHAEnabled) { SCMRatisServerImpl.initialize(scmStorageConfig.getClusterID(), --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
