----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/56191/#review163899 -----------------------------------------------------------
Fix it, then Ship it! Ship It! sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HMSFollower.java (line 74) <https://reviews.apache.org/r/56191/#comment235409> I think we should retry more - HMS may be down for a while, but we still need to test this, so it can't block forever. sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HMSFollower.java (line 164) <https://reviews.apache.org/r/56191/#comment235408> Would it be a good idea to sleep a bit between retries? sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HMSFollower.java (line 168) <https://reviews.apache.org/r/56191/#comment235407> can you use a new var here rather than reusing attempt from above? sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HMSFollower.java (line 182) <https://reviews.apache.org/r/56191/#comment235410> I trhink we should sleep here for a while before retrying. Also we shouldn't continue in this case - we should either retry forever or fail completely. - Alexander Kolbasov On Feb. 1, 2017, 10:30 p.m., Vamsee Yarlagadda wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/56191/ > ----------------------------------------------------------- > > (Updated Feb. 1, 2017, 10:30 p.m.) > > > Review request for sentry, Alexander Kolbasov, Lei Xu, Hao Hao, kalyan kumar > kalvagadda, and Vadim Spector. > > > Repository: sentry > > > Description > ------- > > SENTRY-1619: Fix the secure HMS connection code in HMSFollower > -- HMSFollower has bugs in implementing logic that's preventing secure HMS > connection from taking place. > > 1. Need to use the right principal and keytab to use for the connection. > 2. Fix the while blocks to allow the connection setup to happen. > > > Diffs > ----- > > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HMSFollower.java > 749c2ce8f89fe5960af5a4b48ff45a38091350f4 > > Diff: https://reviews.apache.org/r/56191/diff/ > > > Testing > ------- > > Sentry server log: > ```bash > 2017-02-01 14:02:48,537 INFO org.apache.sentry.service.thrift.HMSFollower: > HMSFollower is being initialized > 2017-02-01 14:02:50,545 INFO DataNucleus.Persistence: Property > datanucleus.cache.level2 unknown - will be ignored > 2017-02-01 14:02:51,911 WARN com.jolbox.bonecp.BoneCPConfig: Max Connections > < 1. Setting to 20 > 2017-02-01 14:02:57,186 WARN com.jolbox.bonecp.BoneCPConfig: Max Connections > < 1. Setting to 20 > 2017-02-01 14:02:57,335 INFO org.apache.sentry.service.thrift.SentryService: > Attempting to start... > 2017-02-01 14:02:57,345 INFO > org.apache.sentry.service.thrift.SentryKerberosContext: Logging in with new > Context > 2017-02-01 14:02:57,403 INFO org.apache.sentry.service.thrift.SentryService: > ProcessorFactory being used: > org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessorFactory > 2017-02-01 14:02:57,711 INFO DataNucleus.Persistence: Property > datanucleus.cache.level2 unknown - will be ignored > 2017-02-01 14:02:58,969 WARN com.jolbox.bonecp.BoneCPConfig: Max Connections > < 1. Setting to 20 > 2017-02-01 14:02:59,035 WARN com.jolbox.bonecp.BoneCPConfig: Max Connections > < 1. Setting to 20 > 2017-02-01 14:02:59,533 INFO org.apache.sentry.hdfs.SentryPlugin: Sentry HDFS > plugin initialized !! > 2017-02-01 14:02:59,561 INFO org.apache.sentry.service.thrift.SentryService: > ProcessorFactory being used: > org.apache.sentry.provider.db.generic.service.thrift.SentryGenericPolicyProcessorFactory > 2017-02-01 14:02:59,699 INFO DataNucleus.Persistence: Property > datanucleus.cache.level2 unknown - will be ignored > 2017-02-01 14:03:00,776 WARN com.jolbox.bonecp.BoneCPConfig: Max Connections > < 1. Setting to 20 > 2017-02-01 14:03:00,854 WARN com.jolbox.bonecp.BoneCPConfig: Max Connections > < 1. Setting to 20 > 2017-02-01 14:03:00,917 INFO org.apache.sentry.service.thrift.SentryService: > ProcessorFactory being used: > org.apache.sentry.hdfs.SentryHDFSServiceProcessorFactory > 2017-02-01 14:03:00,917 INFO > org.apache.sentry.hdfs.SentryHDFSServiceProcessorFactory: Calling > registerProcessor from SentryHDFSServiceProcessorFactory > 2017-02-01 14:03:00,945 INFO org.apache.sentry.service.thrift.SentryService: > Serving on nightly-1.gce.cloudera.com/172.31.112.33:8038 > 2017-02-01 14:03:01,133 INFO org.eclipse.jetty.server.Server: > jetty-7.6.16.v20140903 > 2017-02-01 14:03:01,159 INFO org.eclipse.jetty.server.handler.ContextHandler: > started o.e.j.s.h.ContextHandler{/,null} > 2017-02-01 14:03:01,180 INFO org.eclipse.jetty.server.handler.ContextHandler: > started o.e.j.s.ServletContextHandler{/,null} > 2017-02-01 14:03:01,211 INFO org.eclipse.jetty.server.AbstractConnector: > Started [email protected]:29000 > 2017-02-01 14:03:01,510 WARN org.apache.sentry.hdfs.SentryPlugin: Recieved > Authz Path FULL update [6].. > > 2017-02-01 14:04:23,514 INFO org.apache.sentry.service.thrift.HMSFollower: > Making a kerberos connection to HMS > 2017-02-01 14:04:46,255 INFO org.apache.sentry.service.thrift.HMSFollower: > Using kerberos principal: sentry/[email protected] > 2017-02-01 14:05:15,016 INFO > org.apache.sentry.service.thrift.SentryKerberosContext: Logging in with new > Context > 2017-02-01 14:05:20,783 INFO org.apache.sentry.service.thrift.HMSFollower: > Established kerberos context, will now connect to HMS > 2017-02-01 14:05:35,212 INFO hive.metastore: Trying to connect to metastore > with URI thrift://nightly-1.gce.cloudera.com:9083 > 2017-02-01 14:05:37,210 INFO hive.metastore: Opened a connection to > metastore, current connections: 1 > 2017-02-01 14:05:37,212 INFO hive.metastore: Connected to metastore. > > ``` > > > Thanks, > > Vamsee Yarlagadda > >
