[jira] [Commented] (HDFS-13699) Add DFSClient sending handshake token to DataNode, and allow DataNode overwrite downstream QOP

Tue, 26 Mar 2019 16:55:54 -0700 


    [ 
https://issues.apache.org/jira/browse/HDFS-13699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16802284#comment-16802284
 ] 

Konstantin Shvachko commented on HDFS-13699:
--------------------------------------------

Thanks, [~vagarychen] for the patch. So my main question is
 * What is the upgrade story here? During the upgrade from old version to the 
new we will have old and new clients and DNs communicating to each other some 
of them will have {{SaslMessageWithHandshake}} and some won't.

Other comments below:
 # SaslDataTransferServer
 ** Should use {{assert :}} instead of
{{Preconditions.checkArgument(secret != null && bpid != null);}}
 ** {{"HmacSHA1"}} should either reuse {{DEFAULT_HMAC_ALGORITHM}} or be defined 
as a local constant
 # Unused imports: {{DataXceiver}}, {{TestMultipleNNPortQOP}}
 # Naming of constants for new config properties is not in sync with the 
properties names. Should also move to the right section in {{DFSConfigKeys}}.

> Add DFSClient sending handshake token to DataNode, and allow DataNode 
> overwrite downstream QOP
> ----------------------------------------------------------------------------------------------
>
>                 Key: HDFS-13699
>                 URL: https://issues.apache.org/jira/browse/HDFS-13699
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>            Reporter: Chen Liang
>            Assignee: Chen Liang
>            Priority: Major
>         Attachments: HDFS-13699.001.patch, HDFS-13699.002.patch, 
> HDFS-13699.003.patch, HDFS-13699.004.patch, HDFS-13699.005.patch, 
> HDFS-13699.006.patch, HDFS-13699.007.patch, HDFS-13699.WIP.001.patch
>
>
> Given the other Jiras under HDFS-13541, this Jira is to allow DFSClient to 
> redirect the encrypt secret to DataNode. The encrypted message is the QOP 
> that client and NameNode have used. DataNode decrypts the message and enforce 
> the QOP for the client connection. Also, this Jira will also include 
> overwriting downstream QOP, as mentioned in the HDFS-13541 design doc. 
> Namely, this is to allow inter-DN QOP that is different from client-DN QOP.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to