Il Lun 3 Feb 2020, 16:23 Norbert Kalmar <nkal...@cloudera.com.invalid> ha scritto:
> Máté's patch fixed it for me. I don't know if this is a blocker for 3.6.0 > rc1 I don't think it is a blocker. It is not a regression Enrico , but since 3.5.7 is not even branched yet, I'll wait for this patch to > make it there. > > Thanks Máté, good catch! > > Regards, > Norbert > > On Mon, Feb 3, 2020 at 2:02 PM Szalay-Bekő Máté < > szalay.beko.m...@gmail.com> > wrote: > > > I created https://issues.apache.org/jira/browse/ZOOKEEPER-3715 and > started > > to work on it > > > > On Mon, Feb 3, 2020 at 1:12 PM Szalay-Bekő Máté < > > szalay.beko.m...@gmail.com> > > wrote: > > > > > (FYI: I tried a few more versions, the problem seems to appear between > > > OpenJDK 8.232 and 8.242. And there are a lot of kerberos related > changes > > > after 8.232: see https://hg.openjdk.java.net/jdk8u/jdk8u/jdk ) > > > > > > On Mon, Feb 3, 2020 at 12:54 PM Norbert Kalmar > > > <nkal...@cloudera.com.invalid> wrote: > > > > > >> I tested with zulu 1.8.212 on the linux machine, and with zulu > 1.8.0_163 > > >> on > > >> MacOS (whoops). I use sdkman on both machine. I upgraded to the newest > > 1.8 > > >> which is _242, at least with sdkman. > > >> And sadly, the mentioned tests also fail for me after the upgrade. > > >> > > >> So, something in the tests that the new versions of java doesn't like > :( > > >> > > >> I'm not sure either if it's a showstopper or not. But possibly this > > could > > >> come out when using kerberized ZK? Unfortunately kind of hard to test > > >> "live". > > >> > > >> Regards, > > >> Norbert > > >> > > >> On Mon, Feb 3, 2020 at 12:38 PM Szalay-Bekő Máté < > > >> szalay.beko.m...@gmail.com> > > >> wrote: > > >> > > >> > - I compiled and run all the unit tests using Ubuntu 18.04 (incl. > the > > C > > >> > client), using OpenJDK 1.8.212 > > >> > - I also built and unit tested the python client > > >> > - I did some manual tests for the multi-address feature with > multiple > > >> > virtual networks (using > > https://github.com/symat/zookeeper-docker-test) > > >> > > > >> > everything seemed to be OK, however... > > >> > > > >> > using OpenJDK 1.8.242 or OpenJDK 11.0.6, I got some kerberos related > > >> > exceptions when running the following tests: > > >> > - QuorumKerberosAuthTest > > >> > - QuorumKerberosHostBasedAuthTest > > >> > - SaslKerberosAuthOverSSLTest > > >> > > > >> > the error: > > >> > 2020-02-03 12:11:07,197 [myid:localhost:11223] - ERROR > > >> > [main-SendThread(localhost:11223):ZooKeeperSaslClient@336] - An > > error: > > >> > (java.security.PrivilegedActionException: > > >> > javax.security.sasl.SaslException: GSS initiate failed [Caused by > > >> > GSSException: No valid credentials provided (Mechanism level: null > > >> > (5001))]) occurred when evaluating Zookeeper Quorum Member's > received > > >> SASL > > >> > token. Zookeeper Client will go to AUTH_FAILED state. > > >> > > > >> > I tried it with Zulu 11.0.3 version and OpenJDK 11.0.2 version and > > both > > >> > were working fine. So it looks there might some incompatibility with > > the > > >> > more recent JDK releases. (between 1.8.212 - 1.8.242, and also > between > > >> > 11.0.3 and 11.0.6) > > >> > > > >> > I also tested on OpenJDK 13.ea.30 and that worked. > > >> > > > >> > I am not sure if it is a -1 or not... clearly these are some test > and > > >> JDK > > >> > related issues. Also it can be only some strange thing with my > > >> environment. > > >> > Can someone try to reproduce my problem? > > >> > > > >> > > > >> > Cheers, > > >> > Mate > > >> > > > >> > On Mon, Feb 3, 2020 at 4:31 AM Jordan Zimmerman < > > >> > jor...@jordanzimmerman.com> > > >> > wrote: > > >> > > > >> > > No big issues with Curator that I could find > > >> > > > > >> > > +1 (non binding) > > >> > > > > >> > > -Jordan > > >> > > > > >> > > > On Feb 1, 2020, at 10:02 AM, Enrico Olivelli < > eolive...@gmail.com > > > > > >> > > wrote: > > >> > > > > > >> > > > This is the second release candidate for Apache ZooKeeper 3.6.0. > > >> > > > > > >> > > > It is a major release and it introduces a lot of new features, > > most > > >> > > notably: > > >> > > > - Built-in data consistency check inside ZooKeeper > > >> > > > - Allow Followers to host Observers > > >> > > > - Authentication enforcement > > >> > > > - Pluggable metrics system for ZooKeeper (and Prometheus.io > > >> > integration) > > >> > > > - TLS Port unification > > >> > > > - Audit logging in ZooKeeper servers > > >> > > > - Improve resilience to network (advertise multiple addresses > for > > >> > > > members of a Zookeeper cluster) > > >> > > > - Persistent Recursive Watches > > >> > > > - add an API and the corresponding CLI to get total count of > > >> recursive > > >> > > > sub nodes under a specific path > > >> > > > > > >> > > > The full release notes is available at: > > >> > > > > > >> > > > > > >> > > > > >> > > > >> > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12326518 > > >> > > > > > >> > > > *** Please download, test and vote by February 4th 2020, 23:59 > > >> UTC+0. > > >> > *** > > >> > > > > > >> > > > Source files: > > >> > > > > https://people.apache.org/~eolivelli/zookeeper-3.6.0-candidate-1/ > > >> > > > > > >> > > > Maven staging repo: > > >> > > > > >> > > > >> > > > https://repository.apache.org/content/repositories/orgapachezookeeper-1047/ > > >> > > > > > >> > > > The staging version of the website is: > > >> > > > > > >> > > > > >> > > > >> > > > https://people.apache.org/~eolivelli/zookeeper-3.6.0-candidate-1/website/ > > >> > > > > > >> > > > The release candidate tag in git to be voted upon: > release-3.6.0-1 > > >> > > > https://github.com/apache/zookeeper/tree/release-3.6.0-1 > > >> > > > > > >> > > > ZooKeeper's KEYS file containing PGP keys we use to sign the > > >> release: > > >> > > > https://www.apache.org/dist/zookeeper/KEYS > > >> > > > > > >> > > > Please note that we are adding a new jar to the dependency set > for > > >> > > > clients: zookeeper-metrics-providers. > > >> > > > > > >> > > > Should we release this candidate? > > >> > > > > > >> > > > Enrico Olivelli > > >> > > > > >> > > > > >> > > > >> > > > > > >
