You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by "Bharat Viswanadham (Jira)" <ji...@apache.org> on 2021/06/08 06:49:00 UTC
[jira] [Updated] (HDDS-5317) BootStrapped SCM fails to bootstrap if
it connects to bootstrapped SCM first
[ https://issues.apache.org/jira/browse/HDDS-5317?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bharat Viswanadham updated HDDS-5317:
-------------------------------------
Component/s: Security
SCM HA
> BootStrapped SCM fails to bootstrap if it connects to bootstrapped SCM first
> ----------------------------------------------------------------------------
>
> Key: HDDS-5317
> URL: https://issues.apache.org/jira/browse/HDDS-5317
> Project: Apache Ozone
> Issue Type: Improvement
> Components: SCM HA, Security
> Reporter: Bharat Viswanadham
> Assignee: Bharat Viswanadham
> Priority: Major
>
> GetSCMCertificate can happen non-leader SCM, as rootCA is only run on primary SCM.
> So, when an SCM is bootstrapped, let's say it connects first to a bootstrapped SCM, we fail with a SCMSecurityResponse with status set to NOT_A_PRIMARY_SCM. As we return with a response, failOver will not happen.
> *SCMSecurityProtocolClientSideTranslatorPB*
> {code:java}
> private SCMSecurityResponse handleError(SCMSecurityResponse resp)
> throws SCMSecurityException {
> if (resp.getStatus() != SCMSecurityProtocolProtos.Status.OK) {
> throw new SCMSecurityException(resp.getMessage(),
> SCMSecurityException.ErrorCode.values()[resp.getStatus().ordinal()]);
> }
> return resp;
> }
> {code}
> To solve this issue, one possible solution is on server check if it is SCMSecurityException with errorCode NOT_A_PRIMARY_SCM return a RetriableWithFailOverException. In this way, FailOverProxyProvider performs failOver and Retry to the next SCM.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org