hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Wang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-11110) JavaKeystoreProvider should not report a key as created if it was not flushed to the backing file
Date Sat, 27 Sep 2014 00:27:34 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-11110?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14150262#comment-14150262

Andrew Wang commented on HADOOP-11110:

Hi Arun, this looks great. I just have a few small comments:

- KeyShell, I notice that we print the success message before flushing in various places.
Should these prints be moved down? I think we wouldn't see this when testing with the KMS
since it always flushes implicitly, but we might when using JKS.
- FailureInjectingJKSP, could we make the "failjceks" string a public constant like "jceks"
is in JKSP? We can also use JKSP#SCHEME_NAME rather than hardcoding "jceks" again.

- Some lines longer than 80 chars
- "faulre furing" is in two comments, typo ;)
- Rather than the wrapper that checks the getClass() is FIJKSP, we could use KeyProviderFactory#get
to get explicitly a failjceks. This is more of a sure thing, and also we'd definitely not
skip the test if somehow what we get out is not a FIJKSP.

> JavaKeystoreProvider should not report a key as created if it was not flushed to the
backing file
> -------------------------------------------------------------------------------------------------
>                 Key: HADOOP-11110
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11110
>             Project: Hadoop Common
>          Issue Type: Bug
>    Affects Versions: 2.5.0
>            Reporter: Andrew Wang
>            Assignee: Arun Suresh
>         Attachments: HADOOP-11110.1.patch
> Testing with the KMS backed by JKS reveals the following:
> {noformat}
> [root@dlo-4 ~]# hadoop key create testkey -provider kms://http@localhost:16000/kms
> testkey has not been created. Mkdirs failed to create file:xxxxx
> ....<stack trace>....
> [root@dlo-4 ~]# hadoop key list -provider kms://http@localhost:16000/kms
> Listing keys for KeyProvider: KMSClientProvider[http://localhost:16000/kms/v1/]
> testkey
> {noformat}
> The JKS still has the key in memory and serves it up, but will disappear if the KMS is
restarted since it's not flushed to the file.

This message was sent by Atlassian JIRA

View raw message