[ 
https://issues.apache.org/jira/browse/HADOOP-13317?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15514873#comment-15514873
 ] 

Xiao Chen commented on HADOOP-13317:
------------------------------------

Thanks Suraj for revving. Overall looks good.

Some more comments:
- From my previous comment: for createKey, is it safe to put cipher in the logs?
- Propose to log all params in debug log. If we want to look at debug log, 
things are pretty much not what we thought to be. So more information won't 
harm.
- Sorry I may not be clear in {{when the underlying provider throws an 
exception, it just propagates into tomcat and we ends up seeing nothing in the 
KMS log}}. Take {{createKey}} for example. If {{provider.createKey}} or 
{{provider.flush}} throws, would we see anything in KMS log? Last time I ended 
up adding a try-catch to the entire method, not sure if there's a better way. 
You can try it out by hard-coding that block to throw and check the log. 
Another advantage is we can also add a trace level exit log, symmetric to the 
entering one.

> Add logs to KMS servier-side to improve supportability
> ------------------------------------------------------
>
>                 Key: HADOOP-13317
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13317
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>            Reporter: Xiao Chen
>            Assignee: Suraj Acharya
>            Priority: Minor
>              Labels: supportability
>         Attachments: HADOOP-13317-1.patch, HADOOP-13317-2.patch, 
> HADOOP-13317-3.patch, HADOOP-13317.patch
>
>
> [KMS.java|https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMS.java]
>  is the main class that serves KMS http requests. There're currently no logs 
> at all, making trouble shooting difficult.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

Reply via email to