You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by GitBox <gi...@apache.org> on 2020/07/14 14:43:10 UTC

[GitHub] [knox] pzampino commented on pull request #361: KNOX-2399 - Implemented ZookeeperTokenStateService

pzampino commented on pull request #361:
URL: https://github.com/apache/knox/pull/361#issuecomment-658221309


   > I have few concerns
   > 
   > 3. ZK is not not build to store data in this case we are storing sensitive data. In case of loss of quorum TSS will be significantly impacted (unless we store the tokens locally and then sync to ZK). Also, if we push a whole bunch of tokens in ZK we might impact other services negatively.
   
   Since this implementation is based on the AliasBasedTokenStateService, it also employs a local cache and the token state journaling facility to mitigate potential token state loss. Further, I think the ZookeeperRemoteAliasService (used by this implementation) keeps the local keystore in sync, correct?
   
   > 4. I foresee performance issues in case token size increases.
   
   There is certainly performance testing yet to be done, at least to understand the limitations of this implementation.
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org