You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ozone.apache.org by bh...@apache.org on 2021/05/27 04:03:59 UTC
[ozone] branch master updated: HDDS-5273. Handle unsecure cluster
convert to secure cluster for SCM. (#2281)
This is an automated email from the ASF dual-hosted git repository.
bharat pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git
The following commit(s) were added to refs/heads/master by this push:
new d567360 HDDS-5273. Handle unsecure cluster convert to secure cluster for SCM. (#2281)
d567360 is described below
commit d56736084171e0ff52e869e39e908643ec09d8eb
Author: Bharat Viswanadham <bh...@apache.org>
AuthorDate: Thu May 27 09:33:33 2021 +0530
HDDS-5273. Handle unsecure cluster convert to secure cluster for SCM. (#2281)
---
.../hadoop/hdds/scm/server/StorageContainerManager.java | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java
index 9f4a501..f601708 100644
--- a/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java
+++ b/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java
@@ -989,6 +989,18 @@ public final class StorageContainerManager extends ServiceRuntimeInfoImpl
} else {
clusterId = scmStorageConfig.getClusterID();
final boolean isSCMHAEnabled = scmStorageConfig.isSCMHAEnabled();
+
+ // Initialize security if security is enabled later.
+ if (OzoneSecurityUtil.isSecurityEnabled(conf)
+ && scmStorageConfig.getScmCertSerialId() == null) {
+ HASecurityUtils.initializeSecurity(scmStorageConfig, conf,
+ getScmAddress(haDetails, conf), true);
+ scmStorageConfig.forceInitialize();
+ LOG.info("SCM unsecure cluster is converted to secure cluster. " +
+ "Persisted SCM Certificate SerialID {}",
+ scmStorageConfig.getScmCertSerialId());
+ }
+
if (SCMHAUtils.isSCMHAEnabled(conf) && !isSCMHAEnabled) {
SCMRatisServerImpl.initialize(scmStorageConfig.getClusterID(),
scmStorageConfig.getScmId(), haDetails.getLocalNodeDetails(),
@@ -998,6 +1010,7 @@ public final class StorageContainerManager extends ServiceRuntimeInfoImpl
scmStorageConfig.forceInitialize();
LOG.debug("Enabled SCM HA");
}
+
LOG.info("SCM already initialized. Reusing existing cluster id for sd={}"
+ ";cid={}; layoutVersion={}; HAEnabled={}",
scmStorageConfig.getStorageDir(), clusterId,
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@ozone.apache.org
For additional commands, e-mail: commits-help@ozone.apache.org