[
https://issues.apache.org/jira/browse/KUDU-2580?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alexey Serbin updated KUDU-2580:
--------------------------------
Component/s: (was: master)
security
client
> C++ client does not re-acquire authn token in some scenarios in case of
> multi-master Kudu cluster
> -------------------------------------------------------------------------------------------------
>
> Key: KUDU-2580
> URL: https://issues.apache.org/jira/browse/KUDU-2580
> Project: Kudu
> Issue Type: Bug
> Components: client, security
> Affects Versions: 1.4.0, 1.5.0, 1.6.0, 1.7.0, 1.7.1
> Reporter: Alexey Serbin
> Assignee: Alexey Serbin
> Priority: Major
> Fix For: 1.8.0
>
>
> In case of multi-master Kudu cluster, the C++ client fails to re-acquire
> authn token in the following scenario:
> # Client is running against a multi-master cluster.
> # Client successfully authenticates and gets an authn token by calling
> ConnectToCluster.
> # Client keeps the connection to leader master open, but follower masters
> close connections to the client due to inactivity.
> # After the authn token expires, a change in the master leadership happens.
> # Client tries to open a table, first making a request to the former leader
> master. However, the former leader returns NOT_THE_LEADER error.
> Eventually, the latter operation fails out with the following error:
> {{Timed out: GetTableSchema timed out after deadline expired}}
> In the case of that error, along with the message above, the client is also
> logging messages like:
> {{Unable to determine the new leader Master: Not authorized: Client
> connection negotiation failed: client connection to IP:port:
> FATAL_INVALID_AUTHENTICATION_TOKEN: Not authorized: authentication token
> expired}}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
