[
https://issues.apache.org/jira/browse/HADOOP-13437?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15421693#comment-15421693
]
Andrew Wang commented on HADOOP-13437:
--------------------------------------
Hey [~asuresh], could you go into a little more detail as to why this behavior
is desirable? I agree with Xiao on it making things more complicated regarding
the whitelist/defaults and ACL deployment generally.
FWIW the KMS docs just say "This file is hot-reloaded when it changes" without
mention of it applying to some types of ACLs and not others.
One patch review comment, could we change the "Should not configure..." log
warn to say something like "Invalid {} ACL for KEY_OP {}, ignoring"? I think
that's more clear. Otherwise the intent looks good to me.
> KMS should reload whitelist and default key ACLs when hot-reloading
> -------------------------------------------------------------------
>
> Key: HADOOP-13437
> URL: https://issues.apache.org/jira/browse/HADOOP-13437
> Project: Hadoop Common
> Issue Type: Bug
> Components: kms
> Affects Versions: 2.6.0
> Reporter: Xiao Chen
> Assignee: Xiao Chen
> Attachments: HADOOP-13437.01.patch, HADOOP-13437.02.patch,
> HADOOP-13437.03.patch, HADOOP-13437.04.patch
>
>
> When hot-reloading, {{KMSACLs#setKeyACLs}} ignores whitelist and default key
> entries if they're present in memory.
> We should reload them, hot-reload and cold-start should not have any
> difference in behavior.
> Credit to [~dilaver] for finding this.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
