[
https://issues.apache.org/jira/browse/HADOOP-11017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14145388#comment-14145388
]
Jian He commented on HADOOP-11017:
----------------------------------
the changes for fixing YARN looks fine to me. Regarding KMS, not sure the
following change is intentional, just want to bring up.
{{updateMasterKey(key)}} is invoked inside {{updateDelegationKey(currentKey)}},
but I think the {{currentKey}} passed in at this time is still the old
currentKey not the updated key.
{code}
synchronized (this) {
removeExpiredKeys();
currentKey.setExpiryDate(Time.now() + tokenMaxLifetime);
updateDelegationKey(currentKey);
}
{code}
> KMS delegation token secret manager should be able to use zookeeper as store
> ----------------------------------------------------------------------------
>
> Key: HADOOP-11017
> URL: https://issues.apache.org/jira/browse/HADOOP-11017
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.6.0
> Reporter: Alejandro Abdelnur
> Assignee: Arun Suresh
> Fix For: 2.6.0
>
> Attachments: HADOOP-11017.1.patch, HADOOP-11017.10.patch,
> HADOOP-11017.11.patch, HADOOP-11017.12.patch, HADOOP-11017.2.patch,
> HADOOP-11017.3.patch, HADOOP-11017.4.patch, HADOOP-11017.5.patch,
> HADOOP-11017.6.patch, HADOOP-11017.7.patch, HADOOP-11017.8.patch,
> HADOOP-11017.9.patch, HADOOP-11017.WIP.patch
>
>
> This will allow supporting multiple KMS instances behind a load balancer.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
