[
https://issues.apache.org/jira/browse/HADOOP-13539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15437084#comment-15437084
]
Arun Suresh commented on HADOOP-13539:
--------------------------------------
So... this is actually intentional.
The Master Key deletion failure is not that big a deal, and I felt it did not
warrant an Exception. If one ZKDTSM cannot delete it, one of its peers will
delete it later on. Furthermore, these are mostly old expired keys which are
anyway not used to create new Tokens.
On the other hand deletion of a DelegationToken is important else it is
possible that the peer ZKDTSMs are not notified of the deleted token of an
expired DelegationToken may be used to authenticate.
> KMS's zookeeper-based secret manager should be consistent when failed to
> remove node
> ------------------------------------------------------------------------------------
>
> Key: HADOOP-13539
> URL: https://issues.apache.org/jira/browse/HADOOP-13539
> Project: Hadoop Common
> Issue Type: Bug
> Components: kms
> Affects Versions: 2.6.0
> Reporter: Xiao Chen
> Assignee: Xiao Chen
> Attachments: HADOOP-13539.01.patch
>
>
> In {{ZKDelegationTokenSecretManager}}, the 2 methods
> {{removeStoredMasterKey}} and {{removeStoredToken}} are very much alike, yet
> handles exception differently. We should not throw RTE if a node cannot be
> removed - logging is enough.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
