Hi, the usage of the following configs of Key Management Server (KMS) are problematic:
The name indicates that the units are sec, and the online doc shows that the default values are 86400 and 3600, respectively.
which is also defined in
However, in DelegationTokenManager.java and ZKDelegationTokenSecretManager.java, these two parameters are used incorrectly.
Apparently, at Line 72, REMOVAL_SCAN_INTERVAL should be used in the same way as RENEW_INTERVAL, like
Currently, the unit of hadoop.kms.authentication.delegation-token.removal-scan-interval.sec is not sec but millisec.
The situation is the opposite in this class that hadoop.kms.authentication.delegation-token.renew-interval.sec is wrong but the other is correct...
A patch should be like