[jira] [Commented] (HDFS-11804) KMS client needs retry logic

[Xiao Chen (JIRA)]

    [ 
https://issues.apache.org/jira/browse/HDFS-11804?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16043586#comment-16043586
 ] 

Xiao Chen commented on HDFS-11804:
----------------------------------

Thanks [~shahrs87] for revving.

I have some comments below:
- Not introduced by this, but the first parameter {{URI providerUri}} is not 
used in KMSCP#createProvider.
- Config names should follow existing pattern: 
s/kms.client/hadoop.security.kms.client/g
- core-default.xml needs to be updated with the new configs
- LBKMSCP, can we bring {{throw new IOException("No providers configured !");}} 
forward, to add a check at the beginning?
{code}
    if (providers.length == 0) {
      throw new IOException("No providers configured !");
     }
{code} 
- The original exception message above is double-exclamation marked.
- Regarding AuthenticatedException, I think below is 1 possible way to have 
{{LBKMSCP#doOp}} end up catching one:
KMSCP#createKey -> KMSCP#createConnection -> 
DelegationTokenAuthenticatedURL#openConnection

> KMS client needs retry logic
> ----------------------------
>
>                 Key: HDFS-11804
>                 URL: https://issues.apache.org/jira/browse/HDFS-11804
>             Project: Hadoop HDFS
>          Issue Type: Bug
>    Affects Versions: 2.6.0
>            Reporter: Rushabh S Shah
>            Assignee: Rushabh S Shah
>         Attachments: HDFS-11804-trunk-1.patch, HDFS-11804-trunk-2.patch, 
> HDFS-11804-trunk-3.patch, HDFS-11804-trunk-4.patch, HDFS-11804-trunk.patch
>
>
> The kms client appears to have no retry logic – at all.  It's completely 
> decoupled from the ipc retry logic.  This has major impacts if the KMS is 
> unreachable for any reason, including but not limited to network connection 
> issues, timeouts, the +restart during an upgrade+.
> This has some major ramifications:
> # Jobs may fail to submit, although oozie resubmit logic should mask it
> # Non-oozie launchers may experience higher rates if they do not already have 
> retry logic.
> # Tasks reading EZ files will fail, probably be masked by framework reattempts
> # EZ file creation fails after creating a 0-length file – client receives 
> EDEK in the create response, then fails when decrypting the EDEK
> # Bulk hadoop fs copies, and maybe distcp, will prematurely fail



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org