Details
- Bug
- Status: Resolved
- Major
- Resolution: Fixed
- None
- None
- Reviewed
Description
There is indefinite caching of the key provider URI in DFSClient.
Relevant piece of code.
DFSClient.java
```java
/**
 * The key provider uri is searched in the following order.
 * 1. If there is a mapping in Credential's secrets map for namenode uri.
 * 2. From namenode getServerDefaults rpc.
 * 3. Finally fallback to local conf.
 * @return keyProviderUri if found from either of above 3 cases,
 * null otherwise
 * @throws IOException
 */
URI getKeyProviderUri() throws IOException {
  if (keyProviderUri != null) {
    return keyProviderUri;
  }
  // Lookup the secret in credentials object for namenodeuri.
  Credentials credentials = ugi.getCredentials();
  ...
  ...
```
Once the key provider uri is set, it won't refresh the value even if the key provider uri on namenode is changed.
For long-running clients, such as those on Oozie servers, this means we have to bounce all the Oozie servers to get the change reflected.
After this change, the client will cache the value for an hour after which it will issue getServerDefaults call and will refresh the key provider uri.
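The one-hour refresh described above, sketched as an added example (this is not the DFSClient patch or any Hadoop code): a time-bounded cache around a supplier that stands in for the getServerDefaults RPC. The class name, the injectable clock and the kms-old/kms-new URIs are assumptions made for illustration.

```java
import java.net.URI;
import java.util.concurrent.TimeUnit;
import java.util.function.LongSupplier;
import java.util.function.Supplier;

// Added illustration, not Hadoop code. All names here are hypothetical.
public class ExpiringKeyProviderUri {
  private final Supplier<URI> serverDefaults; // stands in for the getServerDefaults RPC
  private final LongSupplier clockMs;         // injectable so expiry can be shown without sleeping
  private final long validityMs;
  private boolean loaded;                     // distinguishes "never fetched" from a cached null
  private URI cached;
  private long fetchedAtMs;

  ExpiringKeyProviderUri(Supplier<URI> serverDefaults, LongSupplier clockMs, long validityMs) {
    this.serverDefaults = serverDefaults;
    this.clockMs = clockMs;
    this.validityMs = validityMs;
  }

  // Return the cached value while it is fresh; otherwise ask the NameNode again.
  // A null answer (no key provider configured) is cached for the same period,
  // so it does not turn every call into an RPC.
  synchronized URI get() {
    long now = clockMs.getAsLong();
    if (!loaded || now - fetchedAtMs >= validityMs) {
      cached = serverDefaults.get();
      fetchedAtMs = now;
      loaded = true;
    }
    return cached;
  }

  public static void main(String[] args) {
    // Constructed sample values: the NameNode-side setting moves from kms-old to kms-new.
    URI[] onNameNode = { URI.create("kms://https@kms-old.example.com:9600/kms") };
    long[] now = { 0L };
    ExpiringKeyProviderUri uri = new ExpiringKeyProviderUri(
        () -> onNameNode[0], () -> now[0], TimeUnit.HOURS.toMillis(1));

    System.out.println("t=0m   " + uri.get());  // first call fetches from the supplier
    onNameNode[0] = URI.create("kms://https@kms-new.example.com:9600/kms");
    now[0] = TimeUnit.MINUTES.toMillis(30);     // inside the one-hour validity window
    System.out.println("t=30m  " + uri.get());
    now[0] = TimeUnit.MINUTES.toMillis(61);     // past the validity window
    System.out.println("t=61m  " + uri.get());
  }
}
```

Setting the validity to `Long.MAX_VALUE` reproduces the behaviour reported here: the first fetched value is returned for the lifetime of the client.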
Attachments
Issue Links
- is broken by
  - HADOOP-14104 Client should always ask namenode for kms provider path. (Resolved)