[jira] [Commented] (HDFS-11702) Remove indefinite caching of key provider uri in DFSClient

Mon, 08 May 2017 06:52:30 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-11702?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16000752#comment-16000752
 ] 

Hudson commented on HDFS-11702:
-------------------------------

SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #11696 (See 
[https://builds.apache.org/job/Hadoop-trunk-Commit/11696/])
HDFS-11702. Remove indefinite caching of key provider uri in DFSClient. 
(kihwal: rev cef2815cf48154fe82f44082dcbdce6373c81284)
* (edit) 
hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
* (edit) 
hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSClient.java


> Remove indefinite caching of key provider uri in DFSClient
> ----------------------------------------------------------
>
>                 Key: HDFS-11702
>                 URL: https://issues.apache.org/jira/browse/HDFS-11702
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: hdfs-client
>            Reporter: Rushabh S Shah
>            Assignee: Rushabh S Shah
>             Fix For: 3.0.0-alpha3, 2.8.2
>
>         Attachments: HDFS-11702.patch
>
>
> There is an indefinite caching of key provider uri in dfsclient.
> Relevant piece of code.
> {code:title=DFSClient.java|borderStyle=solid}
>   /**
>    * The key provider uri is searched in the following order.
>    * 1. If there is a mapping in Credential's secrets map for namenode uri.
>    * 2. From namenode getServerDefaults rpc.
>    * 3. Finally fallback to local conf.
>    * @return keyProviderUri if found from either of above 3 cases,
>    * null otherwise
>    * @throws IOException
>    */
>   URI getKeyProviderUri() throws IOException {
>     if (keyProviderUri != null) {
>       return keyProviderUri;
>     }
>     // Lookup the secret in credentials object for namenodeuri.
>     Credentials credentials = ugi.getCredentials();
>    ...
>    ...
> {code}
> Once the key provider uri is set, it won't refresh the value even if the key 
> provider uri on namenode is changed.
> For long running clients like on oozie servers, this means we have to bounce 
> all the oozie servers to get the change reflected.
> After this change, the client will cache the value for an hour after which it 
> will issue getServerDefaults call and will refresh the key provider uri.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to