[jira] [Updated] (HBASE-7254) Use new Globally Barriered Procedure mechanism to replace AccessController ZK-mediated permissions cache

Sat, 01 Dec 2012 18:08:02 -0800 

     [ 
https://issues.apache.org/jira/browse/HBASE-7254?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrew Purtell updated HBASE-7254:
----------------------------------

    Description: 
After HBASE-7212 goes in, we could tighten up the permissions cache using a 
barrier for grant and revoke ops. We should consider replacing the current ZK 
watcher based permissions cache "RPC via ZK" with this Procedure mechanism that 
provides much the same, but with the added benefit that we can fail the grant 
or revoke op if one or more RSes fail to ack the update.

Currently if the local AccessController fails to update its permissions cache 
it will kill the RS. Using the 

  was:
After HBASE-7212 goes in, we could tighten up the permissions cache using a 
barrier for grant and revoke ops. We should consider replacing the current ZK 
watcher based permissions cache "RPC via ZK" with this Procedure mechanism that 
provides much the same, but with the added benefit that we can fail the grant 
or revoke op if one or more RSes fail to ack the update.

We are ok here too without 2PC because during the commit phase if the local 
AccessController fails to update its permissions cache it will kill the RS. 

    
> Use new Globally Barriered Procedure mechanism to replace AccessController 
> ZK-mediated permissions cache 
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: HBASE-7254
>                 URL: https://issues.apache.org/jira/browse/HBASE-7254
>             Project: HBase
>          Issue Type: Task
>          Components: Coprocessors, security
>    Affects Versions: 0.96.0
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>
> After HBASE-7212 goes in, we could tighten up the permissions cache using a 
> barrier for grant and revoke ops. We should consider replacing the current ZK 
> watcher based permissions cache "RPC via ZK" with this Procedure mechanism 
> that provides much the same, but with the added benefit that we can fail the 
> grant or revoke op if one or more RSes fail to ack the update.
> Currently if the local AccessController fails to update its permissions cache 
> it will kill the RS. Using the 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to