Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
2.10.0
-
Patch
Description
KeyProvider implements Closable interface but some custom implementation of KeyProvider also needs explicit close in KeyProviderCache. An example is to use custom KeyProvider in DFSClient to integrate read encrypted file on HDFS.
KeyProvider currently gets closed in KeyProviderCache only when cache entry is expired or invalidated. In some cases, this is not happening. This seems related to guava cache.
This patch is to use hadoop JVM shutdownhookManager to globally cleanup cache entries and thus close KeyProvider using cache hook right after filesystem instance gets closed in a deterministic way.
Class KeyProviderCache ... public KeyProviderCache(long expiryMs) { cache = CacheBuilder.newBuilder() .expireAfterAccess(expiryMs, TimeUnit.MILLISECONDS) .removalListener(new RemovalListener<URI, KeyProvider>() { @Override public void onRemoval( @Nonnull RemovalNotification<URI, KeyProvider> notification) { try { assert notification.getValue() != null; notification.getValue().close(); } catch (Throwable e) { LOG.error( "Error closing KeyProvider with uri [" + notification.getKey() + "]", e); } } }) .build(); }
We could have made a new function KeyProviderCache#close, have each DFSClient call this function and close KeyProvider at the end of each DFSClient#close call but it will expose another problem to potentially close global cache among different DFSClient instances.
Attachments
Issue Links
- links to
