bharatviswa504 commented on a change in pull request #830: HDDS-3392.OM create
key/file should not generate different data encryption key during
validateAndUpdateCache.
URL: https://github.com/apache/hadoop-ozone/pull/830#discussion_r409286186
##########
File path:
hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/key/OMKeyRequest.java
##########
@@ -451,4 +446,62 @@ protected void checkKeyAclsInOpenKeyTable(OzoneManager
ozoneManager,
checkKeyAcls(ozoneManager, volume, bucket, keyNameForAclCheck,
aclType, OzoneObj.ResourceType.KEY);
}
+
+ /**
+ * Generate EncryptionInfo and set in to newKeyArgs.
+ * @param keyArgs
+ * @param newKeyArgs
+ * @param ozoneManager
+ */
+ protected void generateRequiredEncryptionInfo(KeyArgs keyArgs,
+ KeyArgs.Builder newKeyArgs, OzoneManager ozoneManager)
+ throws IOException {
+
+ String volumeName = keyArgs.getVolumeName();
+ String bucketName = keyArgs.getBucketName();
+
+ boolean acquireLock = false;
+ OMMetadataManager omMetadataManager = ozoneManager.getMetadataManager();
+
+ // When TDE is enabled, we are doing a DB read in pre-execute. As for
+ // most of the operations we don't read from DB because of our isLeader
+ // semantics. This issue will be solved with implementation of leader
+ // leases which provider strong leader semantics in the system.
+
+ // If KMS is not enabled, follow the normal approach of execution of not
+ // reading DB in pre-execute.
+ if (ozoneManager.getKmsProvider() != null) {
+ try {
+ acquireLock = omMetadataManager.getLock().acquireReadLock(
+ BUCKET_LOCK, volumeName, bucketName);
+
+
+ OmBucketInfo bucketInfo = omMetadataManager.getBucketTable().get(
+ omMetadataManager.getBucketKey(volumeName, bucketName));
+
+
+ // Don't throw exception of bucket not found when bucketinfo is not
+ // null. If bucketinfo is null, later when request
+ // is submitted and if bucket does not really exist it will fail in
+ // applyTransaction step. Why we are doing this is if OM thinks it is
+ // the leader, but it is not, we don't want to fail request in this
+ // case. As anyway when it submits request to ratis it will fail with
Review comment:
We are doing this because of our current isLeader semantics.
The same is explained in the comments, once after strong leader semantics,
we can revisit this.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
