[GitHub] [ozone] lokeshj1703 commented on a change in pull request #3222: HDDS-6482. Refactor Ratis Rpc and TLS config code.

[GitBox]

lokeshj1703 commented on a change in pull request #3222:
URL: https://github.com/apache/ozone/pull/3222#discussion_r834075255



##########
File path: 
hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/ratis/OzoneManagerRatisServer.java
##########
@@ -813,21 +811,16 @@ public RaftGroupId getRaftGroupId() {
 
   private static Parameters createServerTlsParameters(SecurityConfig conf,
       CertificateClient caClient) throws IOException {
-    Parameters parameters = new Parameters();
-
     if (conf.isSecurityEnabled() && conf.isGrpcTlsEnabled()) {
       List<X509Certificate> caList = HAUtils.buildCAX509List(caClient,
           conf.getConfiguration());
       GrpcTlsConfig config = new GrpcTlsConfig(
           caClient.getPrivateKey(), caClient.getCertificate(),
           caList, true);
-      GrpcConfigKeys.Server.setTlsConf(parameters, config);
-      GrpcConfigKeys.Admin.setTlsConf(parameters, config);
-      GrpcConfigKeys.Client.setTlsConf(parameters, config);
-      GrpcConfigKeys.TLS.setConf(parameters, config);
+      return RatisHelper.setServerTlsConf(config);
     }
 
-    return parameters;
+    return null;

Review comment:
       Same as above.

##########
File path: 
hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/common/transport/server/ratis/XceiverServerRatis.java
##########
@@ -461,24 +460,19 @@ public static XceiverServerRatis newXceiverServerRatis(
   // configuration for both.
   private static Parameters createTlsParameters(SecurityConfig conf,
       CertificateClient caClient) throws IOException {
-    Parameters parameters = new Parameters();
-
     if (conf.isSecurityEnabled() && conf.isGrpcTlsEnabled()) {
       List<X509Certificate> caList = HAUtils.buildCAX509List(caClient,
           conf.getConfiguration());
       GrpcTlsConfig serverConfig = new GrpcTlsConfig(
           caClient.getPrivateKey(), caClient.getCertificate(),
           caList, true);
-      GrpcConfigKeys.Server.setTlsConf(parameters, serverConfig);
-      GrpcConfigKeys.Admin.setTlsConf(parameters, serverConfig);
-
       GrpcTlsConfig clientConfig = new GrpcTlsConfig(
           caClient.getPrivateKey(), caClient.getCertificate(),
           caList, false);
-      GrpcConfigKeys.Client.setTlsConf(parameters, clientConfig);
+      return RatisHelper.setServerTlsConf(serverConfig, clientConfig);
     }
 
-    return parameters;
+    return null;

Review comment:
       This might lead to errors when security is disabled when raft server is 
built.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org
For additional commands, e-mail: issues-h...@ozone.apache.org