hanishakoneru commented on a change in pull request #2945:
URL: https://github.com/apache/ozone/pull/2945#discussion_r826262703
##########
File path:
hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/GrpcOzoneManagerServer.java
##########
@@ -46,24 +58,42 @@ public GrpcOzoneManagerServer(OzoneConfiguration config,
OzoneManagerProtocolServerSideTranslatorPB
omTranslator,
OzoneDelegationTokenSecretManager
- delegationTokenMgr) {
+ delegationTokenMgr,
+ CertificateClient caClient) {
this.port = config.getObject(
GrpcOzoneManagerServerConfig.class).
getPort();
init(omTranslator,
delegationTokenMgr,
- config);
+ config,
+ caClient);
}
public void init(OzoneManagerProtocolServerSideTranslatorPB omTranslator,
OzoneDelegationTokenSecretManager delegationTokenMgr,
- OzoneConfiguration omServerConfig) {
+ OzoneConfiguration omServerConfig,
+ CertificateClient caClient) {
NettyServerBuilder nettyServerBuilder = NettyServerBuilder.forPort(port)
.maxInboundMessageSize(OzoneConsts.OZONE_SCM_CHUNK_MAX_SIZE)
.addService(new OzoneManagerServiceGrpc(omTranslator,
delegationTokenMgr,
omServerConfig));
+ SecurityConfig secConf = new SecurityConfig(omServerConfig);
+ if (secConf.isGrpcTlsEnabled()) {
Review comment:
It would be the same error ("x509Certicates empty") for different cases.
Would it be better to add a check that security is enabled when TLS is
enabled so that the error log can state clearly what the issue is?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
