Details
- Bug
- Status: Resolved
- Major
- Resolution: Fixed
- None
- None
- Reviewed
Description
Currently, a BlockTokenSecretManager starts with a random integer as the initial serial number, and then uses this formula to rotate it:
    this.intRange = Integer.MAX_VALUE / numNNs;
    this.nnRangeStart = intRange * nnIndex;
    this.serialNo = (this.serialNo % intRange) + (nnRangeStart);
where numNNs is the total number of NameNodes in the cluster, and nnIndex is the index of the current NameNode specified in the configuration dfs.ha.namenodes.<nameservice>.
However, with this approach, different NameNodes could have overlapping ranges for the serial number. For simplicity, let's assume Integer.MAX_VALUE is 100, and we have 2 NameNodes, nn1 and nn2, in the configuration. Then the ranges for these two are:
    nn1 -> [-49, 49]
    nn2 -> [1, 99]
This is because the initial serial number could be any negative integer.
Moreover, when the keys are updated, the serial number will again be updated with the formula:
    this.serialNo = (this.serialNo % intRange) + (nnRangeStart);
which means the new serial number could be updated to a range that belongs to a different NameNode, thus increasing the chance of collision again.
When a collision happens, DataNodes could overwrite an existing key, which will cause clients to fail with an InvalidToken error.
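The overlap described above, reproduced as an added example (not code from Hadoop): `rotate` is the quoted formula with `maxValue` as a parameter so the simplified MAX_VALUE = 100 case can be run, and `rotateFloorMod` is an assumed alternative using `Math.floorMod`, not the fix committed for this issue. The class and method names are hypothetical.

```java
public class SerialRangeDemo {
    // Formula quoted in the issue; maxValue stands in for Integer.MAX_VALUE so
    // the simplified "MAX_VALUE is 100" case can be reproduced.
    static int rotate(int serialNo, int nnIndex, int numNNs, int maxValue) {
        int intRange = maxValue / numNNs;
        int nnRangeStart = intRange * nnIndex;
        // Java's % keeps the sign of the dividend, so a negative serialNo
        // yields a value below nnRangeStart.
        return (serialNo % intRange) + nnRangeStart;
    }

    // Assumed alternative (not the committed fix): Math.floorMod is never
    // negative for a positive modulus, so the result stays in
    // [nnRangeStart, nnRangeStart + intRange - 1].
    static int rotateFloorMod(int serialNo, int nnIndex, int numNNs, int maxValue) {
        int intRange = maxValue / numNNs;
        return Math.floorMod(serialNo, intRange) + intRange * nnIndex;
    }

    // Smallest and largest serial number reachable from any initial value
    // in [-maxValue, maxValue].
    static int[] reachable(int nnIndex, int numNNs, int maxValue, boolean useFloorMod) {
        int min = Integer.MAX_VALUE, max = Integer.MIN_VALUE;
        for (int s = -maxValue; s <= maxValue; s++) {
            int v = useFloorMod ? rotateFloorMod(s, nnIndex, numNNs, maxValue)
                                : rotate(s, nnIndex, numNNs, maxValue);
            min = Math.min(min, v);
            max = Math.max(max, v);
        }
        return new int[] {min, max};
    }

    public static void main(String[] args) {
        int numNNs = 2, maxValue = 100; // the issue's simplified case
        for (boolean useFloorMod : new boolean[] {false, true}) {
            System.out.println(useFloorMod ? "floorMod variant:" : "formula from the issue:");
            for (int nn = 0; nn < numNNs; nn++) {
                int[] r = reachable(nn, numNNs, maxValue, useFloorMod);
                System.out.printf("  nn%d -> [%d, %d]%n", nn + 1, r[0], r[1]);
            }
        }
        // Constructed collision: nn1 starts at 20, nn2 starts at -30.
        System.out.println("nn1 serial: " + rotate(20, 0, numNNs, maxValue));
        System.out.println("nn2 serial: " + rotate(-30, 1, numNNs, maxValue));
        System.out.println("nn2 with floorMod: " + rotateFloorMod(-30, 1, numNNs, maxValue));
    }
}
```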
Issue Links
- is caused by: HDFS-6440 Support more than 2 NameNodes (Resolved)
- supercedes: HDFS-14793 BlockTokenSecretManager should LOG block token range it operates on. (Resolved)