hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xiaoyu Yao (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDDS-100) SCM CA: generate public/private key pair for SCM/OM/DNs
Date Fri, 01 Jun 2018 03:35:00 GMT

    [ https://issues.apache.org/jira/browse/HDDS-100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16497510#comment-16497510
] 

Xiaoyu Yao commented on HDDS-100:
---------------------------------

Thanks [~ajayydv] for the patch. It looks good to me overall. I just have a few minor comments:

 

Pom.xml

 

This brought in the bouncycastle which other sub-project poms exclude to avoid transitive
dependency. (E.g., hadoop-auth and hadoop-common). Can you confirm if bcprov-jdk15on is a
safe dependency to add here?

 

HddsConfigKeys.java

Line 28: typo: HDDFS_DEFAULT => HDDS_DEFAULT

Line 29/30: NIT: HDDS_KEY_ALGO=>HDDS_KEY_ALGORITHM

 

Line 38: should we name it consistent with Line 33/34 using a relative dir name?

Line 39-41: NIT: HDDS_PRI->HDDS_PRIVATE

 

HDDSKeyGenerator.java

package-info.java

Suggest put it under /hdds/*security*/x509/HDDSKeyGenerator.java, similar files should put
under hdds/security package namespace as well.

 

HDDSKeyPEMWriter.java

Line 154: miss basePath javadoc

Line 173:  should we check permission and set only if it is different? Do we expect the caller
to handle the permission change failures? Can we add a LOG.error here and throw more specific
IOE like other places?

 

Line 204-207: do we support password protected PKCS#8 or other format?

Line 207/213: define const for "PRIVATE KEY" and "PUBLIC KEY"

 

SecurityConfig.java

Line 99: NIT: we can synchronize on SecurityConfig.class without the SYNC object.

 

 

*ozone-default.xml*

Line 1137/1145: please elaborate if this is for absolute path or relative path to the metadata
root?

 

Line 1153: private key file

Line 1161: public key file

> SCM CA: generate public/private key pair for SCM/OM/DNs
> -------------------------------------------------------
>
>                 Key: HDDS-100
>                 URL: https://issues.apache.org/jira/browse/HDDS-100
>             Project: Hadoop Distributed Data Store
>          Issue Type: Sub-task
>            Reporter: Xiaoyu Yao
>            Assignee: Ajay Kumar
>            Priority: Major
>             Fix For: 0.3.0
>
>         Attachments: HDDS-100-HDDS-4.00.patch
>
>




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org


Mime
View raw message