[kudu-CR] [build] drop RHEL/CentOS 6 OpenSSL ABI change workaround
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/17264 ) Change subject: [build] drop RHEL/CentOS 6 OpenSSL ABI change workaround .. Patch Set 1: Code-Review+1 LGTM, but would like a look from Grant given he helped drive the OS modernization work. -- To view, visit http://gerrit.cloudera.org:8080/17264 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I014d93b3b953d11281b928de9de43eec8ab4e997 Gerrit-Change-Number: 17264 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Grant Henke Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Comment-Date: Fri, 02 Apr 2021 06:29:04 + Gerrit-HasComments: No
[kudu-CR] [build] drop RHEL/CentOS 6 OpenSSL ABI change workaround
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/17264 ) Change subject: [build] drop RHEL/CentOS 6 OpenSSL ABI change workaround .. Patch Set 1: Verified+1 unrelated test failure: https://issues.apache.org/jira/browse/KUDU-3216 -- To view, visit http://gerrit.cloudera.org:8080/17264 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I014d93b3b953d11281b928de9de43eec8ab4e997 Gerrit-Change-Number: 17264 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Comment-Date: Fri, 02 Apr 2021 04:04:54 + Gerrit-HasComments: No
[kudu-CR] [build] drop RHEL/CentOS 6 OpenSSL ABI change workaround
Alexey Serbin has removed a vote on this change. Change subject: [build] drop RHEL/CentOS 6 OpenSSL ABI change workaround .. Removed Verified-1 by Kudu Jenkins (120) -- To view, visit http://gerrit.cloudera.org:8080/17264 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: deleteVote Gerrit-Change-Id: I014d93b3b953d11281b928de9de43eec8ab4e997 Gerrit-Change-Number: 17264 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Kudu Jenkins (120)
[kudu-CR] [build] drop RHEL/CentOS 6 OpenSSL ABI change workaround
Alexey Serbin has uploaded this change for review. ( http://gerrit.cloudera.org:8080/17264 Change subject: [build] drop RHEL/CentOS 6 OpenSSL ABI change workaround .. [build] drop RHEL/CentOS 6 OpenSSL ABI change workaround Changelist 10f525519 introduced a workaround to an OpenSSL ABI compatibility break between RHEL/CentOS 6.4 and later versions. RHEL/CentOS 6 is beyond its EOL date already and Kudu doesn't officially support it since 1.14 release [1], so this patch removes the workaround accordingly. Nevertheless, even with this patch, Kudu can still be compiled and run on RHEL/CentOS 6, as before. The only change is that now it compiles against the OpenSSL which came with the OS at the build machine, not the OpenSSL which came with RHEL/CentOS 6.4. [1] https://kudu.apache.org/releases/1.14.0/docs/release_notes.html Change-Id: I014d93b3b953d11281b928de9de43eec8ab4e997 --- M CMakeLists.txt M src/kudu/security/openssl_util.cc M src/kudu/server/webserver-test.cc M src/kudu/server/webserver.cc M thirdparty/download-thirdparty.sh M thirdparty/vars.sh 6 files changed, 0 insertions(+), 34 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/64/17264/1 -- To view, visit http://gerrit.cloudera.org:8080/17264 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: I014d93b3b953d11281b928de9de43eec8ab4e997 Gerrit-Change-Number: 17264 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin
[kudu-CR] KUDU-2612: rollback txn on TXN LOCKED ABORT
Andrew Wong has uploaded this change for review. ( http://gerrit.cloudera.org:8080/17263 Change subject: KUDU-2612: rollback txn on TXN_LOCKED_ABORT .. KUDU-2612: rollback txn on TXN_LOCKED_ABORT Previously it was required that clients manually rollback transactions when their ops failed with TXN_LOCKED_ABORTED (seen as an Aborted error). Rather than pushing the burden onto application users, this patch attempts to alleviate this by hooking in a callback to rollback transactions automatically if any write op fails with TXN_LOCKED_ABORT. Of course, users are still free to Rollback() on error -- this patch is simply meant to automate it in case the user doesn't, giving us a bit more control over ensuring our transactions don't lead to a deadlock. Change-Id: I25415cad0cfb08d260e23bd8b368852a5006c1fb --- M src/kudu/integration-tests/txn_write_ops-itest.cc M src/kudu/tserver/tablet_service.cc M src/kudu/tserver/ts_tablet_manager.cc M src/kudu/tserver/ts_tablet_manager.h 4 files changed, 65 insertions(+), 12 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/63/17263/1 -- To view, visit http://gerrit.cloudera.org:8080/17263 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: I25415cad0cfb08d260e23bd8b368852a5006c1fb Gerrit-Change-Number: 17263 Gerrit-PatchSet: 1 Gerrit-Owner: Andrew Wong
[kudu-CR] KUDU-2612: acquire and release partition lock
Andrew Wong has uploaded a new patch set (#6) to the change originally created by Hao Hao. ( http://gerrit.cloudera.org:8080/17159 ) Change subject: KUDU-2612: acquire and release partition lock .. KUDU-2612: acquire and release partition lock This patch plumbs partition locks into participant and write ops for transactional and non-transactional operations. For each transaction, we try to acquire the partition lock in the ParticipantOp prepare phase of BEGIN_TXN and release the lock when COMMIT_TXN or ABORT_TXN is applied. Moreover, we take the partition lock for non-transactional write ops as well to ensure we don’t have duplicate keys. If the partition lock cannot be acquired, the transaction (or write op) is aborted or retried. A flag is also introduced to disable this locking for tests that currently expect support for concurrent transactions. Change-Id: If26733cae16810f3b3afd1fd05dcb984e6366939 --- M src/kudu/client/batcher.cc M src/kudu/integration-tests/fuzz-itest.cc M src/kudu/integration-tests/txn_commit-itest.cc M src/kudu/integration-tests/txn_participant-itest.cc M src/kudu/integration-tests/txn_write_ops-itest.cc M src/kudu/tablet/ops/participant_op.cc M src/kudu/tablet/ops/participant_op.h M src/kudu/tablet/ops/write_op.cc M src/kudu/tablet/ops/write_op.h M src/kudu/tablet/tablet.cc M src/kudu/tablet/tablet.h M src/kudu/tablet/tablet_bootstrap.cc M src/kudu/tablet/txn_participant-test.cc M src/kudu/tablet/txn_participant.cc M src/kudu/tablet/txn_participant.h M src/kudu/transactions/participant_rpc.cc 16 files changed, 552 insertions(+), 21 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/59/17159/6 -- To view, visit http://gerrit.cloudera.org:8080/17159 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: If26733cae16810f3b3afd1fd05dcb984e6366939 Gerrit-Change-Number: 17159 Gerrit-PatchSet: 6 Gerrit-Owner: Hao Hao Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Hao Hao Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)
[kudu-CR] [encryption] Add encryption support to Env
Hello Alexey Serbin, Andrew Wong, Bankim Bhavsar, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/17251 to look at the new patch set (#4). Change subject: [encryption] Add encryption support to Env .. [encryption] Add encryption support to Env This commit introduces reading and writing encrypted files through Env. At this stage, encryption is not usable, as it uses a static dummy key. Originally, I wanted to use a simple Caesar's cipher like ROT13 until the rest of the key infra is in place, but then I decided this proof of concept implementation should also prove that CTR, which is our chosen mode of operation[1] works for our access patterns, so I ended up using OpenSSL even in this proof of concept, albeit with a static key and key size. [1] https://s.apache.org/kudu-atrest-enc-design Change-Id: Id5a81b5736a0c1970818dbbc4a234480476b8d41 --- M src/kudu/util/CMakeLists.txt M src/kudu/util/coding-inl.h M src/kudu/util/env-test.cc M src/kudu/util/env.h M src/kudu/util/env_posix.cc 5 files changed, 305 insertions(+), 37 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/51/17251/4 -- To view, visit http://gerrit.cloudera.org:8080/17251 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: Id5a81b5736a0c1970818dbbc4a234480476b8d41 Gerrit-Change-Number: 17251 Gerrit-PatchSet: 4 Gerrit-Owner: Attila Bukor Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Attila Bukor Gerrit-Reviewer: Bankim Bhavsar
[kudu-CR] KUDU-2871 support TLSv1.3 in Kudu RPC (Java part)
Hello Kudu Jenkins, Andrew Wong, Grant Henke, I'd like you to reexamine a change. Please visit http://gerrit.cloudera.org:8080/17245 to look at the new patch set (#4). Change subject: KUDU-2871 support TLSv1.3 in Kudu RPC (Java part) .. KUDU-2871 support TLSv1.3 in Kudu RPC (Java part) With this patch, Kudu Java client is able to talk TLSv1.3 to the server side. Essentially, this is about adding TLSv1.3 ciphers into the list of preferred cipher suites in Negotiator.java and sending a chunk of data produced by the final TLSv1.3 handshake iteration to the server when the client senses that the TLS handshake is done. Prior to this patch, Kudu Java client didn't support TLSv1.3 for RPC because: * It didn't have ciphers required for TLSv1.3 * It didn't send back the last chunk of data to the server side in the end of the TLS handshake process The former is crucial to allow for backward compatibility of Java clients of prior versions to work with newer, TLSv1.3-capable Kudu servers. In other words, TLSv1.2 is the highest protocol version that Kudu Java clients of prior versions are able to use even if talking to newer Kudu servers which are capable talking TLSv1.3. This patch also contains a new test scenario to verify the functionality of TLSv1.3-enabled RPC between a Java client and a Kudu cluster. The newly added scenario runs only if both the JVM and the node's OpenSSL library support TLSv1.3. Change-Id: I884170bdbded8b4017a80db34ecc0a755426c5c2 --- M java/kudu-client/src/main/java/org/apache/kudu/client/Negotiator.java A java/kudu-client/src/test/java/org/apache/kudu/client/TestNegotiationTLSv13.java 2 files changed, 206 insertions(+), 20 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/45/17245/4 -- To view, visit http://gerrit.cloudera.org:8080/17245 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: I884170bdbded8b4017a80db34ecc0a755426c5c2 Gerrit-Change-Number: 17245 Gerrit-PatchSet: 4 Gerrit-Owner: Alexey Serbin Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Grant Henke Gerrit-Reviewer: Kudu Jenkins (120)
[kudu-CR] KUDU-2871 support TLSv1.3 in Kudu RPC (Java part)
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/17245 ) Change subject: KUDU-2871 support TLSv1.3 in Kudu RPC (Java part) .. Patch Set 3: Verified+1 unrelated test failure in org.apache.kudu.client.TestMultipleLeaderFailover -- To view, visit http://gerrit.cloudera.org:8080/17245 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I884170bdbded8b4017a80db34ecc0a755426c5c2 Gerrit-Change-Number: 17245 Gerrit-PatchSet: 3 Gerrit-Owner: Alexey Serbin Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Grant Henke Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Comment-Date: Thu, 01 Apr 2021 18:00:41 + Gerrit-HasComments: No
[kudu-CR] KUDU-2871 support TLSv1.3 in Kudu RPC (Java part)
Alexey Serbin has removed a vote on this change. Change subject: KUDU-2871 support TLSv1.3 in Kudu RPC (Java part) .. Removed Verified-1 by Kudu Jenkins (120) -- To view, visit http://gerrit.cloudera.org:8080/17245 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: deleteVote Gerrit-Change-Id: I884170bdbded8b4017a80db34ecc0a755426c5c2 Gerrit-Change-Number: 17245 Gerrit-PatchSet: 3 Gerrit-Owner: Alexey Serbin Gerrit-Reviewer: Alexey Serbin Gerrit-Reviewer: Andrew Wong Gerrit-Reviewer: Grant Henke Gerrit-Reviewer: Kudu Jenkins (120)