[jira] [Commented] (HBASE-11467) New impl of Registry interface not using ZK + new RPCs on master protocol

Mon, 11 Aug 2014 17:40:28 -0700 

    [ 
https://issues.apache.org/jira/browse/HBASE-11467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14093566#comment-14093566
 ] 

Gary Helmling commented on HBASE-11467:
---------------------------------------

[~stack] The client needs to know the ClusterId in order to select the token to 
use for token authentication from the bundle of credentials that it has access 
to.  I believe when we first implemented this we discussed using the zk quorum 
string instead, but we settled on using a globally unique cluster ID as a 
cleaner solution, due to difficulties in canonicalizing the quorum string 
(short vs. fully qualified hostnames, ordering, whether or not client port is 
present...), and of course the zk quorum could change.

It might be possible to have the server provide the cluster ID as part of the 
initial SASL negotiation, but I'm not sure how difficult this would be.  
Currently, if a token is found, we negotiate DIGEST-MD5 with SASL, otherwise 
pass through to GSSAPI.  So having the server return a cluster ID in 
negotiation would require a step before that in order to determine whether we 
have a token or not.

I agree that forcing the client to add the cluster ID in configuration 
somewhere is not a great option, but I haven't looked at the patch yet to see 
what it is doing.  I will take a look at the details.

> New impl of Registry interface not using ZK + new RPCs on master protocol
> -------------------------------------------------------------------------
>
>                 Key: HBASE-11467
>                 URL: https://issues.apache.org/jira/browse/HBASE-11467
>             Project: HBase
>          Issue Type: Sub-task
>          Components: Client, Consensus, Zookeeper
>    Affects Versions: 2.0.0
>            Reporter: Mikhail Antonov
>            Assignee: Mikhail Antonov
>             Fix For: 2.0.0
>
>         Attachments: HBASE-11467.patch, HBASE-11467.patch
>
>
> Currently there' only one implementation of Registry interface, which is 
> using ZK to get info about meta. Need to create implementation which will be 
> using  RPC calls to master the client is connected to.
> Review of early version of patch is here: https://reviews.apache.org/r/24296/



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to