[jira] [Updated] (KNOX-1187) Distributed Alias Service

Wed, 11 Apr 2018 14:16:29 -0700 

     [ 
https://issues.apache.org/jira/browse/KNOX-1187?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sandeep More updated KNOX-1187:
-------------------------------
    Resolution: Fixed
        Status: Resolved  (was: Patch Available)

 [~lmccay] - Thanks for pointing it out ! I updated the patch to use the 
ConfigurableEncryptor class, this is much better, sorry was not aware of it. 

[~pzampino] - Many thanks for taking a second look ! I updated 
RemoteAliasService#getAliasesForCluster(String) method to make it cleaner and 
choose remote alias over local. Also, updated the names of methods and 
variables to make them more generic.

 

 

> Distributed Alias Service
> -------------------------
>
>                 Key: KNOX-1187
>                 URL: https://issues.apache.org/jira/browse/KNOX-1187
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 0.14.0, 1.0.0
>            Reporter: Phil Zampino
>            Assignee: Sandeep More
>            Priority: Major
>             Fix For: 1.1.0
>
>         Attachments: KNOX-1187.001.patch, KNOX-1187.002.patch
>
>
> Given the ability to manage provider configurations and descriptors in 
> ZooKeeper, it would also be good to employ ZooKeeper for managing aliases 
> since descriptors reference them for discovery authentication.
> The benefits of ZooKeeper-managed descriptors is limited by the current need 
> to individually define the associated aliases at each and every Knox 
> instance. Any Knox instance for which the referenced alias has not been 
> defined will fail to generate/deploy the topology because service discovery 
> will fail.
> The resolution of this issue will provide a Knox administrator the ability to 
> define aliases in ZooKeeper, which will be consumed and applied by any Knox 
> instance configured to monitor that same ZooKeeper, similar to the way 
> provider configurations and descriptors are supported.
> In fact, the alias-related CLI commands could leverage the remote 
> configuration monitor config to determine whether the aliases should be 
> persisted to / read from ZooKeeper or locally. Knox could use the remote 
> configuration client service to monitor the remote alias configuration, and 
> apply changes locally.
> This will also require some kind of coordination of Knox master secrets; at a 
> minimum, each participating Knox instance will have to have been configured 
> with the same master secret.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to