hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hadoop QA (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-14865) Support passing multiple QOPs to SaslClient/Server via hbase.rpc.protection
Date Tue, 01 Dec 2015 04:59:11 GMT

    [ https://issues.apache.org/jira/browse/HBASE-14865?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15033087#comment-15033087

Hadoop QA commented on HBASE-14865:

{color:red}-1 overall{color}.  Here are the results of testing the latest attachment 
  against master branch at commit 756e6de2a0948c39a4fb3ab880dd9d182d645dbc.
  ATTACHMENT ID: 12774921

    {color:green}+1 @author{color}.  The patch does not contain any @author tags.

    {color:green}+1 tests included{color}.  The patch appears to include 27 new or modified

    {color:green}+1 hadoop versions{color}. The patch compiles with all supported hadoop versions
(2.4.0 2.4.1 2.5.0 2.5.1 2.5.2 2.6.0 2.6.1 2.7.0 2.7.1)

    {color:green}+1 javac{color}.  The applied patch does not increase the total number of
javac compiler warnings.

    {color:green}+1 protoc{color}.  The applied patch does not increase the total number of
protoc compiler warnings.

    {color:red}-1 javadoc{color}.  The javadoc tool appears to have generated 2 warning messages.

    {color:green}+1 checkstyle{color}. The applied patch does not generate new checkstyle

    {color:green}+1 findbugs{color}.  The patch does not introduce any  new Findbugs (version
2.0.3) warnings.

    {color:green}+1 release audit{color}.  The applied patch does not increase the total number
of release audit warnings.

    {color:green}+1 lineLengths{color}.  The patch does not introduce lines longer than 100

  {color:green}+1 site{color}.  The mvn post-site goal succeeds with this patch.

    {color:green}+1 core tests{color}.  The patch passed unit tests in .

Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/16705//testReport/
Release Findbugs (version 2.0.3) 	warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/16705//artifact/patchprocess/newFindbugsWarnings.html
Checkstyle Errors: https://builds.apache.org/job/PreCommit-HBASE-Build/16705//artifact/patchprocess/checkstyle-aggregate.html

  Javadoc warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/16705//artifact/patchprocess/patchJavadocWarnings.txt
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/16705//console

This message is automatically generated.

> Support passing multiple QOPs to SaslClient/Server via hbase.rpc.protection
> ---------------------------------------------------------------------------
>                 Key: HBASE-14865
>                 URL: https://issues.apache.org/jira/browse/HBASE-14865
>             Project: HBase
>          Issue Type: Improvement
>          Components: security
>            Reporter: Appy
>            Assignee: Appy
>         Attachments: HBASE-14865-master-v2.patch, HBASE-14865-master-v3.patch, HBASE-14865-master-v4.patch,
HBASE-14865-master-v5.patch, HBASE-14865-master-v6.patch, HBASE-14865-master.patch
> Currently, we can set the value of hbase.rpc.protection to one of authentication/integrity/privacy.
It is the used to set {{javax.security.sasl.qop}} in SaslUtil.java.
> The problem is, if a cluster wants to switch from one qop to another, it'll have to take
a downtime. Rolling upgrade will create a situation where some nodes have old value and some
have new, which'll prevent any communication between them. There will be similar issue when
clients will try to connect.
> {{javax.security.sasl.qop}} can take in a list of QOP in preferences order. So a transition
from qop1 to qop2 can be easily done like this
> "qop1" --> "qop2,qop1" --> rolling restart --> "qop2" --> rolling restart
> Need to change hbase.rpc.protection to accept a list too.

This message was sent by Atlassian JIRA

View raw message