[jira] [Work logged] (KNOX-2399) Implement ZK token state service

Tue, 14 Jul 2020 07:44:20 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-2399?focusedWorklogId=458684&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-458684
 ]

ASF GitHub Bot logged work on KNOX-2399:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 14/Jul/20 14:43
            Start Date: 14/Jul/20 14:43
    Worklog Time Spent: 10m 
      Work Description: pzampino commented on pull request #361:
URL: https://github.com/apache/knox/pull/361#issuecomment-658221309


   > I have few concerns
   > 
   > 3. ZK is not not build to store data in this case we are storing sensitive 
data. In case of loss of quorum TSS will be significantly impacted (unless we 
store the tokens locally and then sync to ZK). Also, if we push a whole bunch 
of tokens in ZK we might impact other services negatively.
   
   Since this implementation is based on the AliasBasedTokenStateService, it 
also employs a local cache and the token state journaling facility to mitigate 
potential token state loss. Further, I think the ZookeeperRemoteAliasService 
(used by this implementation) keeps the local keystore in sync, correct?
   
   > 4. I foresee performance issues in case token size increases.
   
   There is certainly performance testing yet to be done, at least to 
understand the limitations of this implementation.
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 458684)
    Time Spent: 2.5h  (was: 2h 20m)

> Implement ZK token state service
> --------------------------------
>
>                 Key: KNOX-2399
>                 URL: https://issues.apache.org/jira/browse/KNOX-2399
>             Project: Apache Knox
>          Issue Type: Task
>    Affects Versions: 1.4.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Major
>             Fix For: 1.5.0
>
>          Time Spent: 2.5h
>  Remaining Estimate: 0h
>
> Implement a new {{TokenStateService}} implementation which stores/fetches 
> token related metadata in Zookeeper. The new service should be configurable 
> to directly go to Zookeeper or use some local cache (e.g. a local alias 
> service).



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to