Return-Path: <hdfs-issues-return-184501-archive-asf-public=cust-asf.ponee.io@hadoop.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id D5A21200C86
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Wed, 26 Apr 2017 00:16:09 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id D4438160BB3; Tue, 25 Apr 2017 22:16:09 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 2ACA3160BB8
	for <archive-asf-public@cust-asf.ponee.io>; Wed, 26 Apr 2017 00:16:09 +0200 (CEST)
Received: (qmail 96553 invoked by uid 500); 25 Apr 2017 22:16:07 -0000
Mailing-List: contact hdfs-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:hdfs-issues-help@hadoop.apache.org>
List-Unsubscribe: <mailto:hdfs-issues-unsubscribe@hadoop.apache.org>
List-Post: <mailto:hdfs-issues@hadoop.apache.org>
List-Id: <hdfs-issues.hadoop.apache.org>
Delivered-To: mailing list hdfs-issues@hadoop.apache.org
Received: (qmail 96410 invoked by uid 99); 25 Apr 2017 22:16:07 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Apr 2017 22:16:07 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 2DB321A069B
	for <hdfs-issues@hadoop.apache.org>; Tue, 25 Apr 2017 22:16:07 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -100.002
X-Spam-Level: 
X-Spam-Status: No, score=-100.002 tagged_above=-999 required=6.31
	tests=[RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001,
	USER_IN_WHITELIST=-100] autolearn=disabled
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024)
	with ESMTP id Oj7c6F0benl3 for <hdfs-issues@hadoop.apache.org>;
	Tue, 25 Apr 2017 22:16:06 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 93C065FCA1
	for <hdfs-issues@hadoop.apache.org>; Tue, 25 Apr 2017 22:16:05 +0000 (UTC)
Received: from jira-lw-us.apache.org (unknown [207.244.88.139])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id E8853E0D2B
	for <hdfs-issues@hadoop.apache.org>; Tue, 25 Apr 2017 22:16:04 +0000 (UTC)
Received: from jira-lw-us.apache.org (localhost [127.0.0.1])
	by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 4E77A21DC7
	for <hdfs-issues@hadoop.apache.org>; Tue, 25 Apr 2017 22:16:04 +0000 (UTC)
Date: Tue, 25 Apr 2017 22:16:04 +0000 (UTC)
From: "Rushabh S Shah (JIRA)" <jira@apache.org>
To: hdfs-issues@hadoop.apache.org
Message-ID: <JIRA.13066863.1493158201000.49246.1493158564319@Atlassian.JIRA>
In-Reply-To: <JIRA.13066863.1493158201000@Atlassian.JIRA>
References: <JIRA.13066863.1493158201000@Atlassian.JIRA> <JIRA.13066863.1493158201433@jira-lw-us.apache.org>
Subject: [jira] [Updated] (HDFS-11702) Remove indefinite caching of key
 provider uri in DFSClient
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394
archived-at: Tue, 25 Apr 2017 22:16:10 -0000


     [ https://issues.apache.org/jira/browse/HDFS-11702?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rushabh S Shah updated HDFS-11702:
----------------------------------
    Description: 
There is an indefinite caching of key provider uri in dfsclient.
Relevant piece of code.
{code:title=DFSClient.java|borderStyle=solid}
  /**
   * The key provider uri is searched in the following order.
   * 1. If there is a mapping in Credential's secrets map for namenode uri.
   * 2. From namenode getServerDefaults rpc.
   * 3. Finally fallback to local conf.
   * @return keyProviderUri if found from either of above 3 cases,
   * null otherwise
   * @throws IOException
   */
  URI getKeyProviderUri() throws IOException {
    if (keyProviderUri != null) {
      return keyProviderUri;
    }
    // Lookup the secret in credentials object for namenodeuri.
    Credentials credentials = ugi.getCredentials();
   ...
   ...
{code}

Once the key provider uri is set, it won't refresh the value even if the key provider uri on namenode is changed.
For long running clients like on oozie servers, this means we have to bounce all the oozie servers to get the change reflected.
After this change, the client will cache the value for an hour after which it will issue getServerDefaults call and will refresh the key provider uri.

  was:
There is an indefinite caching of key provider uri in dfsclient.
Relevant piece of code.
{code:title=DFSClient.java|borderStyle=solid}
  /**
   * The key provider uri is searched in the following order.
   * 1. If there is a mapping in Credential's secrets map for namenode uri.
   * 2. From namenode getServerDefaults rpc.
   * 3. Finally fallback to local conf.
   * @return keyProviderUri if found from either of above 3 cases,
   * null otherwise
   * @throws IOException
   */
  URI getKeyProviderUri() throws IOException {
    if (keyProviderUri != null) {
      return keyProviderUri;
    }
{code}

Once the key provider uri is set, it won't refresh the value even if the key provider uri on namenode is changed.
For long running clients like on oozie servers, this means we have to bounce all the oozie servers to get the change reflected.
After this change, the client will cache the value for an hour after which it will issue getServerDefaults call and will refresh the key provider uri.


> Remove indefinite caching of key provider uri in DFSClient
> ----------------------------------------------------------
>
>                 Key: HDFS-11702
>                 URL: https://issues.apache.org/jira/browse/HDFS-11702
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: hdfs-client
>            Reporter: Rushabh S Shah
>            Assignee: Rushabh S Shah
>
> There is an indefinite caching of key provider uri in dfsclient.
> Relevant piece of code.
> {code:title=DFSClient.java|borderStyle=solid}
>   /**
>    * The key provider uri is searched in the following order.
>    * 1. If there is a mapping in Credential's secrets map for namenode uri.
>    * 2. From namenode getServerDefaults rpc.
>    * 3. Finally fallback to local conf.
>    * @return keyProviderUri if found from either of above 3 cases,
>    * null otherwise
>    * @throws IOException
>    */
>   URI getKeyProviderUri() throws IOException {
>     if (keyProviderUri != null) {
>       return keyProviderUri;
>     }
>     // Lookup the secret in credentials object for namenodeuri.
>     Credentials credentials = ugi.getCredentials();
>    ...
>    ...
> {code}
> Once the key provider uri is set, it won't refresh the value even if the key provider uri on namenode is changed.
> For long running clients like on oozie servers, this means we have to bounce all the oozie servers to get the change reflected.
> After this change, the client will cache the value for an hour after which it will issue getServerDefaults call and will refresh the key provider uri.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org