[jira] [Updated] (HADOOP-13252) Tune S3A provider plugin mechanism

Thu, 18 Aug 2016 11:09:38 -0700 

     [ 
https://issues.apache.org/jira/browse/HADOOP-13252?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Steve Loughran updated HADOOP-13252:
------------------------------------
    Attachment: HADOOP-13252-006.patch

Patch 006

fixed to work against trunk. The issue there is that because trunk returns the 
default value correctly, we can't pass in an interface there. Instead 
{{Configuration.getInstances()}} was copied into {{S3AUtils}} and tweaked to 
only do the list of classes (with assignment check) rather than the full 
instantiation.

* adds tests to generate and validate failure modes
* factors out the error text strings looked for in the tests
* also fixed test teardown to handle null file context, including in the hadoop 
common base class. 

Tested: S3 ireland

> Tune S3A provider plugin mechanism
> ----------------------------------
>
>                 Key: HADOOP-13252
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13252
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/s3
>    Affects Versions: 2.8.0
>            Reporter: Steve Loughran
>            Assignee: Steve Loughran
>            Priority: Minor
>         Attachments: HADOOP-13252-006.patch, HADOOP-13252-branch-2-001.patch, 
> HADOOP-13252-branch-2-003.patch, HADOOP-13252-branch-2-004.patch, 
> HADOOP-13252-branch-2-005.patch
>
>
> We've now got some fairly complex auth mechanisms going on: -hadoop config, 
> KMS, env vars, "none". IF something isn't working, it's going to be a lot 
> harder to debug.
> Review and tune the S3A provider point
> * add logging of what's going on in s3 auth to help debug problems
> * make a whole chain of logins expressible
> * allow the anonymous credentials to be included in the list
> * review and updated documents.
> I propose *carefully* adding some debug messages to identify which auth 
> provider is doing the auth, so we can see if the env vars were kicking in, 
> sysprops, etc.
> What we mustn't do is leak any secrets: this should be identifying whether 
> properties and env vars are set, not what their values are. I don't believe 
> that this will generate a security risk.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to