[
https://issues.apache.org/jira/browse/HDFS-15148?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17026282#comment-17026282
]
Chen Liang commented on HDFS-15148:
-----------------------------------
The failed test TestMultipleNNPortQOP seems unrelated to the change in this
jira, and has been passing in my local runs. I think it failed because of the
hard coded 100ms sleep may not be long enough for Jenkins run. So this is a
test that may randomly fail if unlucky. Although I update the patch here with a
fix, since it is separate issue, maybe this test fix should be in another Jira.
[~shv] please let me know if you have a preference.
> dfs.namenode.send.qop.enabled should not apply to primary NN port
> -----------------------------------------------------------------
>
> Key: HDFS-15148
> URL: https://issues.apache.org/jira/browse/HDFS-15148
> Project: Hadoop HDFS
> Issue Type: Bug
> Affects Versions: 2.10.1, 3.3.1
> Reporter: Chen Liang
> Assignee: Chen Liang
> Priority: Major
> Attachments: HDFS-15148.001.patch, HDFS-15148.002.patch,
> HDFS-15148.003.patch
>
>
> In HDFS-13617, NameNode can be configured to wrap its established QOP into
> block access token as an encrypted message. Later on DataNode will use this
> message to create SASL connection. But this new behavior should only apply to
> new auxiliary NameNode ports, not the primary port (the one configured in
> fs.defaultFS), as it may cause conflicting behavior with existing other SASL
> related configuration (e.g. dfs.data.transfer.protection). Since this
> configure is introduced for to auxiliary ports only, we should restrict this
> new behavior to not apply to primary port.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
