Uploaded image for project: 'Apache Ozone'
  1. Apache Ozone
  2. HDDS-5556

GrpcReplication Client might fail in SCM HA Cluster

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    Description

      Scenario:
      1. DN1 got cert from SCM1
      2. DN2 got cert from SCM2
      3. DN3 got cert from SCM3
      4. DN4 got cert from SCM3

      And now one of the closed container is under replicated due to DN3 faiilure, and DN4 is choose for replication it will fail during secure channel setup.

       sslContextBuilder
                  .trustManager(certClient.getCACertificate)
                  .clientAuth(ClientAuth.REQUIRE)
                  .keyManager(certClient.getPrivateKey(),
                      certClient.getCertificate()); 
      

      In SCM HA kind of setup we should pass for truststore all the CA certs to setup a secure channel.

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            vivekratnavel Vivek Ratnavel Subramanian
            bharat Bharat Viswanadham
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Issue deployment