Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/9052 )
Change subject: KUDU-1927: no half-baked responses on ConnectoToMaster ...................................................................... Patch Set 5: (1 comment) http://gerrit.cloudera.org:8080/#/c/9052/5/src/kudu/master/master_service.cc File src/kudu/master/master_service.cc: http://gerrit.cloudera.org:8080/#/c/9052/5/src/kudu/master/master_service.cc@507 PS5, Line 507: (!has_cert || (!has_authn_token && needs_authn_token))) { > Isn't it necessary for it to do so in the case that encryption is disabled? Right, we don't need to issue a token to a client if authentication is disabled (I think the encryption part is already handled by the 'rpc->is_confidential()' part). But our code does this anyway up to the current version anyway. We can update that behavior accordingly. I think my question here is: what should be the behavior of the master in this method if authentication is enabled (i.e. --rpc_authentication={optional,required}) and there was an error while generating the authn token? Should client still receive such a response as from leader master, or not? Probably, that's a theoretical question right now, I'd like to know what we do expect from our masters in that case. If you don't like the idea of updating the role of the master in response due to that failure, would it be OK just to add CHECK() or LOG(FATAL) instead of KLOG_EVERY_N_SECS(WARNING, 1) at line 494? -- To view, visit http://gerrit.cloudera.org:8080/9052 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ib9c906863f5f0e1995041281b122135e1b2cd3a4 Gerrit-Change-Number: 9052 Gerrit-PatchSet: 5 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Adar Dembo <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Tidy Bot Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-Comment-Date: Thu, 25 Jan 2018 01:45:01 +0000 Gerrit-HasComments: Yes
