You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by "Vivek Ratnavel Subramanian (Jira)" <ji...@apache.org> on 2021/08/19 19:30:00 UTC
[jira] [Updated] (HDDS-5556) GrpcReplication Client might fail in
SCM HA Cluster
[ https://issues.apache.org/jira/browse/HDDS-5556?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Vivek Ratnavel Subramanian updated HDDS-5556:
---------------------------------------------
Summary: GrpcReplication Client might fail in SCM HA Cluster (was: GrpcReplication Client may fail in SCM HA Cluster)
> GrpcReplication Client might fail in SCM HA Cluster
> ---------------------------------------------------
>
> Key: HDDS-5556
> URL: https://issues.apache.org/jira/browse/HDDS-5556
> Project: Apache Ozone
> Issue Type: Bug
> Components: Ozone Datanode
> Reporter: Bharat Viswanadham
> Assignee: Vivek Ratnavel Subramanian
> Priority: Blocker
>
> Scenario:
> 1. DN1 got cert from SCM1
> 2. DN2 got cert from SCM2
> 3. DN3 got cert from SCM3
> 4. DN4 got cert from SCM3
> And now one of the closed container is under replicated due to DN3 faiilure, and DN4 is choose for replication it will fail during secure channel setup.
> {code:java}
> sslContextBuilder
> .trustManager(certClient.getCACertificate)
> .clientAuth(ClientAuth.REQUIRE)
> .keyManager(certClient.getPrivateKey(),
> certClient.getCertificate());
> {code}
> In SCM HA kind of setup we should pass for truststore all the CA certs to setup a secure channel.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org