Re: [PR] [CELEBORN-1258] Add UserIdentifier to the master application meta [celeborn]

Wed, 27 Mar 2024 11:14:23 -0700 


otterc commented on code in PR #2365:
URL: https://github.com/apache/celeborn/pull/2365#discussion_r1541652506


##########
client/src/main/scala/org/apache/celeborn/client/LifecycleManager.scala:
##########
@@ -207,13 +209,20 @@ class LifecycleManager(val appUniqueId: String, val conf: 
CelebornConf) extends
   private val changePartitionManager = new ChangePartitionManager(conf, this)
   private val releasePartitionManager = new ReleasePartitionManager(conf, this)
 
+  private def updateApplicationMeta(): Unit = {
+    
Utils.tryLogNonFatalError(masterClient.askSync[PbApplicationMetaUpdateResponse](
+      PbSerDeUtils.toPbApplicationMeta(applicationMeta),
+      classOf[PbApplicationMetaUpdateResponse]))
+  }
+
   // Since method `onStart` is executed when `rpcEnv.setupEndpoint` is 
executed, and
   // `masterClient` is initialized after `rpcEnv` is initialized, if method 
`onStart` contains
   // a reference to `masterClient`, there may be cases where `masterClient` is 
null when
   // `masterClient` is called. Therefore, it's necessary to uniformly execute 
the initialization
   // method at the end of the construction of the class to perform the 
initialization operations.
   private def initialize(): Unit = {
     // noinspection ConvertExpressionToSAM
+    updateApplicationMeta()

Review Comment:
   Yes, you are correct. The connection will only be established once the 
client is authenticated. However, I still believe that sending the secret in 
plain text multiple times to the Master may cause issues in the future. 
Eventually, we would want to encrypt the secret, and TLS support is for that 
purpose. If we are sending the secret multiple times, it would mean that not 
only registration has to be done with TLS but also that all messages should be 
sent via TLS. Therefore, I think having authentication metadata separated from 
general application metadata will be better.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to