István Fajth created HDDS-4729:
----------------------------------
Summary: Add token support for container admin operations
Key: HDDS-4729
URL: https://issues.apache.org/jira/browse/HDDS-4729
Project: Hadoop Distributed Data Store
Issue Type: New Feature
Reporter: István Fajth
HDDS-2321 disabled token based authentication for container admin commands part
of the DataNode admin protocol as that caused problems with requests that are
not going through Ozone Manager, as token based auth support is present only
there currently.
Within this feature, the followings to be added:
- a new SCM request to get a new kind of token issued by the SCM
- the token would be short living, without renewal or cancellation signed by SCM
- the token will be required for container admin commands inside DataNodes
- the token will be supplied to container admin requests from command line
client, and for commands arriving via DN heartbeat responses
- the token is validated on the DN side for every container admin command, and
in case a token is not supplied or invalid the DN should reject the request.
Also it is part of the development to revisit all DN API requests and add the
appropriate (OM or SCM) token based auth where applicable.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
