[ https://issues.apache.org/jira/browse/HADOOP-15980?focusedWorklogId=723132&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-723132 ]
ASF GitHub Bot logged work on HADOOP-15980: ------------------------------------------- Author: ASF GitHub Bot Created on: 08/Feb/22 20:14 Start Date: 08/Feb/22 20:14 Worklog Time Spent: 10m Work Description: vnhive opened a new pull request #3966: URL: https://github.com/apache/hadoop/pull/3966 HADOOP-15980 : Enable TLS in RPC client/server 1 HADOOP-15980 : Enable TLS in RPC client/server ================================================ This pull request integrates the work done in the JIRAs for, - HADOOP-15978 : Add Netty support to the RPC server - HADOOP-15979 : Add Netty support to the RPC client and then creates a prototype for enabling the SSL Handler over the channel pipeline created in the above JIRAs. Specifically the following work has been done, 1.1 HADOOP-15978 : Add Netty Support to the RPC Server ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Integrating the initial patch submitted by Daryn - Integrating the patch for JAR shading provided by Wei-Chiu Chuang. - Fixes for unit test failures - Adding comments and Javadoc. 1.2 HADOOP-15979 : Add Netty support to the RPC client ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Integrating the initial patch submitted by Daryn. - Addressing the initial comments given by Wei-Chiu Chuang on the patch. - Enabling the Netty Client flag in the unit tests. 1.3 HADOOP-15980 : Enable TLS in RPC client/server ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Post the above changes we added the SSLHandlers to the Server and Client Channel pipelines and building the SSLContext from a SelfSignedCertificate class. - We had to change NettyOutputStream::write to use Channel::writeAndFlush. We had to do this because the connection context packet was not being flushed when a tez session was being opened. The packet sent after the connection context packet was being parsed as the header packet causing an error. - We have a prototype internally using which Hive insert queries are running successfully. - There are unit test failures that we are working on fixing. - I have discussed the changes with Akira offline. I highly respect his opinion to share early versions of the patches and solicit feedback on the changes continuously. Although the current patch is not complete I am submitting it to solicit feedback. I will also keep posting patches continuously. - I am also taking Akira's advice and tagging @daryn-sharp and @jojochuang . -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org Issue Time Tracking ------------------- Worklog Id: (was: 723132) Remaining Estimate: 0h Time Spent: 10m > Enable TLS in RPC client/server > ------------------------------- > > Key: HADOOP-15980 > URL: https://issues.apache.org/jira/browse/HADOOP-15980 > Project: Hadoop Common > Issue Type: Sub-task > Components: ipc, security > Reporter: Daryn Sharp > Assignee: Daryn Sharp > Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > Once the RPC client and server can be configured to use Netty, the TLS engine > can be added to the channel pipeline. The server should allow QoS-like > functionality to determine if TLS is mandatory or optional for a client. -- This message was sent by Atlassian Jira (v8.20.1#820001) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org