Details
Description
According to the doc, if we want to upgrade cluster from 2.x to 3.x, we need upgrade NN first. And there will be a intermediate state that NN is 3.x and DN is 2.x. At that moment, if a client reads (or writes) a block, it will get a block token from NN and then deliver the token to DN who can verify the token. But the verification in the code now is :
BlockTokenSecretManager.java
public void checkAccess(...) { ... id.readFields(new DataInputStream(new ByteArrayInputStream(token.getIdentifier()))); ... if (!Arrays.equals(retrievePassword(id), token.getPassword())) { throw new InvalidToken("Block token with " + id.toString() + " doesn't have the correct token password"); } }
And retrievePassword(id) is:
public byte[] retrievePassword(BlockTokenIdentifier identifier) { ... return createPassword(identifier.getBytes(), key.getKey()); }
So, if NN's identifier add new fields, DN will lose the fields and compute wrong password.
Attachments
Attachments
Issue Links
- is related to
-
HDFS-13596 NN restart fails after RollingUpgrade from 2.x to 3.x
-
- Resolved
-
- links to