ajayydv commented on a change in pull request #547: HDDS-594. SCM CA: DN sends
CSR and uses certificate issued by SCM.
URL: https://github.com/apache/hadoop/pull/547#discussion_r262750774
##########
File path:
hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/HddsDatanodeService.java
##########
@@ -192,6 +218,92 @@ public void start(Object service) {
}
}
+ /**
+ * Initializes secure Datanode.
+ * */
+ @VisibleForTesting
+ public void initializeCertificateClient(OzoneConfiguration config)
+ throws IOException {
+ LOG.info("Initializing secure Datanode.");
+
+ CertificateClient.InitResponse response = dnCertClient.init();
+ LOG.info("Init response: {}", response);
+ switch (response) {
+ case SUCCESS:
+ LOG.info("Initialization successful.");
+ break;
+ case GETCERT:
+ getSCMSignedCert(dnCertClient, config);
+ LOG.info("Successfully stored SCM signed certificate.");
+ break;
+ case FAILURE:
+ LOG.error("DN security initialization failed.");
+ throw new RuntimeException("DN security initialization failed.");
+ case RECOVER:
+ LOG.error("DN security initialization failed. OM certificate is " +
Review comment:
Added case info to all cases.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
