josh-mckenzie commented on a change in pull request #1213:
URL: https://github.com/apache/cassandra/pull/1213#discussion_r715795821
##########
File path: src/java/org/apache/cassandra/service/StorageService.java
##########
@@ -1101,6 +1102,8 @@ public void joinTokenRing(boolean finishJoiningRing,
{
logger.warn("Some data streaming failed. Use nodetool to check
bootstrap state and resume. For more, see `nodetool help bootstrap`. {}",
SystemKeyspace.getBootstrapState());
}
+
+ StorageProxy.instance.initialLoadPartitionDenylist();
Review comment:
This happens relatively early in the grand scheme of things - see
`CassandraDaemon.setup` and the call to `StorageService.instance.initServer`
that cascades to here. So we'll load up our deny list prior to waiting for
gossip to settle, prior to auth setup, and prior to re-enabling auto
compaction. i.e. early enough in the init we shouldn't be exposing ourselves to
a race with people accessing partitions we want to deny access to, but late
enough that we're not relying on any systems or infra being up and running that
might not be there.
Make sense? Also - full disclosure, I didn't do the initial implementation
and it's been in production use for some time with this init ordering and
running at scale, so that should factor in (both for and against) our degree of
confidence the code.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
