> On 十月 21, 2014, 8:24 a.m., Prasad Mujumdar wrote: > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/HASentryPolicyServiceClientImpl.java, > > line 64 > > <https://reviews.apache.org/r/25980/diff/1/?file=704029#file704029line64> > > > > Do we need to check for a timeout here or the retry policy (in > > HAContext ?) will take care of it ?
Yes, HAContext will handle the retry policy and throw IOException, which may cause by connection timeout or Zookeeper service down. > On 十月 21, 2014, 8:24 a.m., Prasad Mujumdar wrote: > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/HASentryPolicyServiceClientImpl.java, > > line 90 > > <https://reviews.apache.org/r/25980/diff/1/?file=704029#file704029line90> > > > > In secure connection the client would need the kerberos principal of > > the server. How do we handle that case ? Hi Prasad, the patch had the following code in renewSentryClient **conf.set(ServiceConstants.ClientConfig.SERVER_RPC_ADDRESS, serverAddress.getHostName());**, and currently we get the server principal using **serverPrincipal = SecurityUtil.getServerPrincipal(serverPrincipal, serverAddress.getAddress());** the security related Tests are added in SENTRY-459, do you think it's okay? > On 十月 21, 2014, 8:24 a.m., Prasad Mujumdar wrote: > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/ha/AbstractTestWithHADbProvider.java, > > line 1 > > <https://reviews.apache.org/r/25980/diff/1/?file=704033#file704033line1> > > > > Can we move the HA specific changes in the AbstractTestWithDbProvider ? > > That would make it simpler to run the existing tests on real cluster with HA Good suggestion, I will make it. > On 十月 21, 2014, 8:24 a.m., Prasad Mujumdar wrote: > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/HASentryPolicyServiceClientImpl.java, > > line 54 > > <https://reviews.apache.org/r/25980/diff/1/?file=704029#file704029line54> > > > > The current approach requires an wrapper for every Sentry client > > method. When we add new methods, it will require to add a wrapper in here > > as well. > > Have you considered using InvocationHandler for the retry wrapper ? It > > would make adding new methods in the client interface simpler. > > If there's no specific reason for not using InvocationHandler, then we > > might want to log a followup ticket to refactor this module. Okay, I will refact the code with InvocationHandler - Sun ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/25980/#review57483 ----------------------------------------------------------- On 十月 9, 2014, 1:48 p.m., Sun Dapeng wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/25980/ > ----------------------------------------------------------- > > (Updated 十月 9, 2014, 1:48 p.m.) > > > Review request for sentry, Arun Suresh, Lenni Kuff, Prasad Mujumdar, and > Sravya Tirukkovalur. > > > Bugs: SENTRY-464 > https://issues.apache.org/jira/browse/SENTRY-464 > > > Repository: sentry > > > Description > ------- > > * Add service register in **SentryPolicyStoreProcessor** > * Add **HASentryPolicyServiceClientImpl** as a HA implementation for > SentryPolicyServiceClient, it can select active node which registered in > Zookeeper > * Add **doOperationAndRetry** , use **SentryPolicyServiceClientDefaultImpl** > as a field, this make all HA method can reuse the same logic for retry. > ````java > private <T> T doOperationAndRetry(SentryOperation<T> sentryOption) throws > SentryUserException { > while (true) { > try { > return sentryOption.doOperation(); > } catch (SentryUserException e) { > throw e; > } catch (Exception e) { > LOGGER.warn(THRIFT_EXCEPTION_MESSAGE > + ": Error in connect current service, will retry other > service.", e); > try { > renewSentryClient(); > } catch (IOException e1) { > throw new SentryUserException(e1.getMessage(),e1.getCause()); > } > } > } > } > ```` > > > Diffs > ----- > > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/HASentryPolicyServiceClientImpl.java > PRE-CREATION > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java > e3cdfc2 > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java > 6843e80 > > sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java > 11545a5 > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/ha/AbstractTestWithHADbProvider.java > PRE-CREATION > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/ha/TestPrivilegeWithHAGrantOption.java > PRE-CREATION > > Diff: https://reviews.apache.org/r/25980/diff/ > > > Testing > ------- > > The addition UnitTest is used for test client reconnect, other UnitTest > passed in local > > > Thanks, > > Sun Dapeng > >
