[jira] [Commented] (HDFS-11702) Remove indefinite caching of key provider uri in DFSClient

[Daryn Sharp (JIRA)]

    [ 
https://issues.apache.org/jira/browse/HDFS-11702?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15996906#comment-15996906
 ] 

Daryn Sharp commented on HDFS-11702:
------------------------------------

+1 Assuming no other objections.  W/o this patch when we changed the key 
provider for a cluster, we also had to restart multiple other services 
including but not limited to oozie, hive, etc.

On the original jira some concerns were expressed about the lockless rpc for 
server defaults (I wouldn't care if it was 1min...), so as a middle ground, I'd 
suggest making the server defaults refresh interval configurable.  It could be 
incorporated in this patch or a new one.  Up to you.

> Remove indefinite caching of key provider uri in DFSClient
> ----------------------------------------------------------
>
>                 Key: HDFS-11702
>                 URL: https://issues.apache.org/jira/browse/HDFS-11702
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: hdfs-client
>            Reporter: Rushabh S Shah
>            Assignee: Rushabh S Shah
>         Attachments: HDFS-11702.patch
>
>
> There is an indefinite caching of key provider uri in dfsclient.
> Relevant piece of code.
> {code:title=DFSClient.java|borderStyle=solid}
>   /**
>    * The key provider uri is searched in the following order.
>    * 1. If there is a mapping in Credential's secrets map for namenode uri.
>    * 2. From namenode getServerDefaults rpc.
>    * 3. Finally fallback to local conf.
>    * @return keyProviderUri if found from either of above 3 cases,
>    * null otherwise
>    * @throws IOException
>    */
>   URI getKeyProviderUri() throws IOException {
>     if (keyProviderUri != null) {
>       return keyProviderUri;
>     }
>     // Lookup the secret in credentials object for namenodeuri.
>     Credentials credentials = ugi.getCredentials();
>    ...
>    ...
> {code}
> Once the key provider uri is set, it won't refresh the value even if the key 
> provider uri on namenode is changed.
> For long running clients like on oozie servers, this means we have to bounce 
> all the oozie servers to get the change reflected.
> After this change, the client will cache the value for an hour after which it 
> will issue getServerDefaults call and will refresh the key provider uri.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org