vnhive opened a new pull request #3966:
URL: https://github.com/apache/hadoop/pull/3966
HADOOP-15980 : Enable TLS in RPC client/server
1 HADOOP-15980 : Enable TLS in RPC client/server
================================================
This pull request integrates the work done in the JIRAs for,
- HADOOP-15978 : Add Netty support to the RPC server
- HADOOP-15979 : Add Netty support to the RPC client
and then creates a prototype for enabling the SSL Handler over the
channel pipeline created in the above JIRAs. Specifically the
following work has been done,
1.1 HADOOP-15978 : Add Netty Support to the RPC Server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Integrating the initial patch submitted by Daryn
- Integrating the patch for JAR shading provided by Wei-Chiu Chuang.
- Fixes for unit test failures
- Adding comments and Javadoc.
1.2 HADOOP-15979 : Add Netty support to the RPC client
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Integrating the initial patch submitted by Daryn.
- Addressing the initial comments given by Wei-Chiu Chuang on the
patch.
- Enabling the Netty Client flag in the unit tests.
1.3 HADOOP-15980 : Enable TLS in RPC client/server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Post the above changes we added the SSLHandlers to the Server and
Client Channel pipelines and building the SSLContext from a
SelfSignedCertificate class.
- We had to change NettyOutputStream::write to use
Channel::writeAndFlush. We had to do this because the connection
context packet was not being flushed when a tez session was being
opened. The packet sent after the connection context packet was
being parsed as the header packet causing an error.
- We have a prototype internally using which Hive insert queries are
running successfully.
- There are unit test failures that we are working on fixing.
- I have discussed the changes with Akira offline. I highly respect
his opinion to share early versions of the patches and solicit
feedback on the changes continuously. Although the current patch
is not complete I am submitting it to solicit feedback. I will also keep
posting patches continuously.
- I am also taking Akira's advice and tagging @daryn-sharp and @jojochuang
.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
