[jira] [Commented] (HDFS-14129) RBF: Create new policy provider for router

Sun, 09 Dec 2018 21:37:34 -0800 


    [ 
https://issues.apache.org/jira/browse/HDFS-14129?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16714310#comment-16714310
 ] 

Surendra Singh Lilhore commented on HDFS-14129:
-----------------------------------------------

Thanks [~RANith] for patch

Some comments from my side

1. Change this property to "*security.router.admin.protocol.acl*".
{code:java}
+  public static final String SECURITY_ROUTERADMIN_PROTOCOL_ACL =
+      "security.routeradmin.protocol.acl";{code}

2. Please add {{InterfaceAudience}} for {{RouterPolicyProvider.}}

3. I think by mistake you given wrong protocol name here, pls change 
{{ReconfigurationProtocol.class}} to {{RouterAdminProtocol.class}}
{code:java}
+      new Service(
+            CommonConfigurationKeys.SECURITY_ROUTERADMIN_PROTOCOL_ACL,
+            ReconfigurationProtocol.class){code}

4. Change Policy provider object in {{RouterRpcServer}} also.

5. Pls fix the check style, whitespace and find bugs warnings.

> RBF: Create new policy provider for router
> ------------------------------------------
>
>                 Key: HDFS-14129
>                 URL: https://issues.apache.org/jira/browse/HDFS-14129
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode
>    Affects Versions: HDFS-13532
>            Reporter: Surendra Singh Lilhore
>            Assignee: Ranith Sardar
>            Priority: Major
>         Attachments: HDFS-14129-HDFS-13891.001.patch
>
>
> Router is usingĀ *{{HDFSPolicyProvider}}*. We can't add new protocol in this 
> class for router, its better to create in policy provider for Router.
> {code:java}
> // Set service-level authorization security policy
> if (conf.getBoolean(HADOOP_SECURITY_AUTHORIZATION, false)) {
> this.adminServer.refreshServiceAcl(conf, new HDFSPolicyProvider());
> }
> {code}
> I got this issue when I am verified HDFS-14079 with secure cluster.
> {noformat}
> ./bin/hdfs dfsrouteradmin -ls /
> ls: Protocol interface org.apache.hadoop.hdfs.protocolPB.RouterAdminProtocol 
> is not known.
> org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException):
>  Protocol interface org.apache.hadoop.hdfs.protocolPB.RouterAdminProtocol is 
> not known.
>         at org.apache.hadoop.ipc.Client.getRpcResponse(Client.java:1520)
>         at org.apache.hadoop.ipc.Client.call(Client.java:1466)
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

Reply via email to