[
https://issues.apache.org/jira/browse/HDDS-9366?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17771193#comment-17771193
]
Ritesh Shukla commented on HDDS-9366:
-------------------------------------
For the Datanode token validation, the situation in which the token has expired
but not been refreshed on the datanode should be a very rare event as there is
an overlap between the token expiration and when the new token is fetched.
> Only the Ratis leader DataNode should verify ACL and block token
> -----------------------------------------------------------------
>
> Key: HDDS-9366
> URL: https://issues.apache.org/jira/browse/HDDS-9366
> Project: Apache Ozone
> Issue Type: Bug
> Reporter: Wei-Chiu Chuang
> Assignee: Duong
> Priority: Major
>
> Today the DataNode perform ACL check and block token verification on each
> DataNodes.
>
> This is wrong, as DataNode can diverge in state. Only leader DN should decide
> to accept a request or not. I have seen a case where the follower reject a
> request because its block token expired, but the leader accepted the request.
> State diverged.
>
> cc: [~szetszwo] [~duongnguyen] [~ritesh]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
