[ 
https://issues.apache.org/jira/browse/HDDS-580?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16645731#comment-16645731
 ] 

Xiaoyu Yao commented on HDDS-580:
---------------------------------

Thanks [~ajayydv] for working on this. The patch looks good to me overall. Here 
are a few comments:

SecurityUtils.java
Line 59: NIT: keyWriter=>keyHandler

Line 64/70: should we return the Public/Private KeyPair from the create or load 
methods so that the key can be used by individual components?   
        
StorageContainerManager.java
Line 483: should we move this to bootstrap only during INIT and/or a separate 
INIT_SECURITY (if the SCM has been INIT without security) with more logging? We 
also need a member to hold the public/private key pair returned. This way, the 
one-time security init will be done explicitly instead of implicitly.
        
OzoneManager.java
Line 350-357: should we move the CREATEOBJECTSTORE or INIT_SECURITY with more 
logging? This way, the one-time security init will be done explicitly instead 
of implicitly. We also need a member to hold the public/private key pair 
returned.

> Bootstrap OM/SCM with private/public key pair
> ---------------------------------------------
>
>                 Key: HDDS-580
>                 URL: https://issues.apache.org/jira/browse/HDDS-580
>             Project: Hadoop Distributed Data Store
>          Issue Type: Sub-task
>            Reporter: Xiaoyu Yao
>            Assignee: Ajay Kumar
>            Priority: Major
>         Attachments: HDDS-4-HDDS-580.00.patch, HDDS-580-HDDS-4.00.patch
>
>
> We will need to add an API that leverages the key generator from HDDS-100 to 
> generate a public/private key pair for OM/SCM. This will be called by the 
> scm/om admin cli with the "-init" cmd.


