[
https://issues.apache.org/jira/browse/HADOOP-11017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Arun Suresh updated HADOOP-11017:
---------------------------------
Attachment: HADOOP-11017.10.patch
Uploading patch that should fix this.
[~jianhe], Yes I had changed all the {{allKeys.put()}} methods to be wrapped by
{{store/updateDelegationKey()}}.
When RM does a failover, the new active RM will fetch existing key from ZK and
use the {{addKey()}} method to store the key locally only.. the
{{ZKDelegationTokenSecretManager}} on the other hand is deployed in
Active-Active HA configuration which requires all modifications to the
{{allKeys}} map on a running instance has to be updated in ZK.
Fixed the code to make only local modifications to the {{allKeys}} map when
{{addKey()}} is called. This should be fine for
{{ZKDelegationTokenSecretManager}} since {{startThreads()}} will be called
before the SecretManager is started and will call {{updateCurrentKey()}} which
will ensure the key is stored tin ZK.
> KMS delegation token secret manager should be able to use zookeeper as store
> ----------------------------------------------------------------------------
>
> Key: HADOOP-11017
> URL: https://issues.apache.org/jira/browse/HADOOP-11017
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.6.0
> Reporter: Alejandro Abdelnur
> Assignee: Arun Suresh
> Fix For: 2.6.0
>
> Attachments: HADOOP-11017.1.patch, HADOOP-11017.10.patch,
> HADOOP-11017.2.patch, HADOOP-11017.3.patch, HADOOP-11017.4.patch,
> HADOOP-11017.5.patch, HADOOP-11017.6.patch, HADOOP-11017.7.patch,
> HADOOP-11017.8.patch, HADOOP-11017.9.patch, HADOOP-11017.WIP.patch
>
>
> This will allow supporting multiple KMS instances behind a load balancer.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
