HDDS-5075. [SCM HA Security] Remove code of not starting ozone services when Security is enabled on SCM HA cluster

hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/scm/ScmConfigKeys.java

@@ -519,14 +519,6 @@ public final class ScmConfigKeys {
   public static final boolean HDDS_DATANODE_UPGRADE_LAYOUT_INLINE_DEFAULT =
       true;
 
-
-  // Temporary config which will be used only for test only purposes until
-  // SCM HA Security work is completed. This config should not be modified by
-  // users.
-  public static final String OZONE_SCM_HA_SECURITY_SUPPORTED =
-      "hdds.scm.ha.security.enable";
-  public static final boolean OZONE_SCM_HA_SECURITY_SUPPORTED_DEFAULT = false;
-
   public static final String OZONE_SCM_INFO_WAIT_DURATION =
       "ozone.scm.info.wait.duration";
   public static final long OZONE_SCM_INFO_WAIT_DURATION_DEFAULT =

hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/HddsDatanodeService.java

@@ -69,7 +69,6 @@
 import com.sun.jmx.mbeanserver.Introspector;
 import static org.apache.hadoop.hdds.security.x509.certificate.utils.CertificateCodec.getX509Certificate;
 import static org.apache.hadoop.hdds.security.x509.certificates.utils.CertificateSignRequest.getEncodedString;
-import static org.apache.hadoop.hdds.utils.HAUtils.checkSecurityAndSCMHAEnabled;
 import static org.apache.hadoop.ozone.OzoneConfigKeys.HDDS_DATANODE_PLUGINS_KEY;
 import static org.apache.hadoop.util.ExitUtil.terminate;
 import org.bouncycastle.pkcs.PKCS10CertificationRequest;
@@ -188,7 +187,6 @@ public void start(Object service) {
 
   public void start(OzoneConfiguration configuration) {
     setConfiguration(configuration);
-    checkSecurityAndSCMHAEnabled(conf);
     start();
   }
 

hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/utils/HAUtils.java

@@ -24,10 +24,8 @@
 import org.apache.hadoop.hdds.protocol.proto.SCMSecurityProtocolProtos.SCMGetCertResponseProto;
 import org.apache.hadoop.hdds.protocolPB.SCMSecurityProtocolClientSideTranslatorPB;
 import org.apache.hadoop.hdds.scm.AddSCMRequest;
-import org.apache.hadoop.hdds.scm.ScmConfigKeys;
 import org.apache.hadoop.hdds.scm.ScmInfo;
 import org.apache.hadoop.hdds.scm.ha.SCMHAUtils;
-import org.apache.hadoop.hdds.scm.ha.SCMNodeInfo;
 import org.apache.hadoop.hdds.scm.protocol.ScmBlockLocationProtocol;
 import org.apache.hadoop.hdds.scm.protocol.StorageContainerLocationProtocol;
 import org.apache.hadoop.hdds.scm.protocolPB.ScmBlockLocationProtocolClientSideTranslatorPB;
@@ -357,20 +355,6 @@ public static boolean isAccessControlException(Exception ex) {
     return false;
   }
 
-  public static void checkSecurityAndSCMHAEnabled(OzoneConfiguration conf) {
-    boolean enable =
-        conf.getBoolean(ScmConfigKeys.OZONE_SCM_HA_SECURITY_SUPPORTED,
-            ScmConfigKeys.OZONE_SCM_HA_SECURITY_SUPPORTED_DEFAULT);
-    if (OzoneSecurityUtil.isSecurityEnabled(conf) && !enable) {
-      List<SCMNodeInfo> scmNodeInfo = SCMNodeInfo.buildNodeInfo(conf);
-      if (scmNodeInfo.size() > 1) {
-        System.err.println("Ozone Services cannot be started on a secure SCM " +
-            "HA enabled cluster");
-        System.exit(1);
-      }
-    }
-  }
-
   /**
    * Build CA list which need to be passed to client.
    *

hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java

@@ -143,7 +143,6 @@
 
 import static org.apache.hadoop.hdds.scm.ScmConfigKeys.HDDS_SCM_WATCHER_TIMEOUT_DEFAULT;
 import static org.apache.hadoop.hdds.security.x509.certificate.authority.CertificateStore.CertType.VALID_CERTS;
-import static org.apache.hadoop.hdds.utils.HAUtils.checkSecurityAndSCMHAEnabled;
 import static org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_ADMINISTRATORS_WILDCARD;
 import static org.apache.hadoop.ozone.OzoneConsts.CRL_SEQUENCE_ID_KEY;
 import static org.apache.hadoop.ozone.OzoneConsts.SCM_SUB_CA_PREFIX;
@@ -270,8 +269,6 @@ private StorageContainerManager(OzoneConfiguration conf,
     Objects.requireNonNull(configurator, "configurator cannot not be null");
     Objects.requireNonNull(conf, "configuration cannot not be null");
 
-    checkSecurityAndSCMHAEnabled(conf);
-
     scmHANodeDetails = SCMHANodeDetails.loadSCMHAConfig(conf);
 
     configuration = conf;
@@ -895,7 +892,6 @@ public static boolean scmBootstrap(OzoneConfiguration conf)
    */
   public static boolean scmInit(OzoneConfiguration conf,
       String clusterId) throws IOException {
-    checkSecurityAndSCMHAEnabled(conf);
     SCMStorageConfig scmStorageConfig = new SCMStorageConfig(conf);
     StorageState state = scmStorageConfig.getState();
     final SCMHANodeDetails haDetails = SCMHANodeDetails.loadSCMHAConfig(conf);

hadoop-ozone/dist/src/main/compose/ozonesecure-ha/docker-config

@@ -33,7 +33,6 @@ OZONE-SITE.XML_ozone.scm.address.scmservice.scm1=scm1.org
 OZONE-SITE.XML_ozone.scm.address.scmservice.scm2=scm2.org
 OZONE-SITE.XML_ozone.scm.address.scmservice.scm3=scm3.org
 OZONE-SITE.XML_ozone.scm.ratis.enable=true
-OZONE-SITE.XML_hdds.scm.ha.security.enable=true
 
 OZONE-SITE.XML_ozone.om.volume.listall.allowed=false
 

hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/TestOzoneConfigurationFields.java

@@ -86,8 +86,7 @@ private void addPropertiesNotInXml() {
         ReconServerConfigKeys.RECON_OM_SNAPSHOT_TASK_INTERVAL_DELAY,
         ReconServerConfigKeys.RECON_OM_SNAPSHOT_TASK_FLUSH_PARAM,
         OMConfigKeys.OZONE_OM_RATIS_SNAPSHOT_AUTO_TRIGGER_THRESHOLD_KEY,
-        OMConfigKeys.OZONE_OM_HA_PREFIX,
-        ScmConfigKeys.OZONE_SCM_HA_SECURITY_SUPPORTED
+        OMConfigKeys.OZONE_OM_HA_PREFIX
         // TODO HDDS-2856
     ));
   }

hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManagerStarter.java

@@ -31,8 +31,6 @@
 
 import java.io.IOException;
 
-import static org.apache.hadoop.hdds.utils.HAUtils.checkSecurityAndSCMHAEnabled;
-
 /**
  * This class provides a command line interface to start the OM
  * using Picocli.
@@ -124,7 +122,6 @@ static class OMStarterHelper implements OMStarterInterface{
     @Override
     public void start(OzoneConfiguration conf) throws IOException,
         AuthenticationException {
-      checkSecurityAndSCMHAEnabled(conf);
       OzoneManager om = OzoneManager.createOm(conf);
       om.start();
       om.join();
@@ -133,7 +130,6 @@ public void start(OzoneConfiguration conf) throws IOException,
     @Override
     public boolean init(OzoneConfiguration conf) throws IOException,
         AuthenticationException {
-      checkSecurityAndSCMHAEnabled(conf);
       return OzoneManager.omInit(conf);
     }
   }

hadoop-ozone/recon/src/main/java/org/apache/hadoop/ozone/recon/ReconServer.java

@@ -20,7 +20,6 @@
 
 import static org.apache.hadoop.hdds.recon.ReconConfig.ConfigStrings.OZONE_RECON_KERBEROS_KEYTAB_FILE_KEY;
 import static org.apache.hadoop.hdds.recon.ReconConfig.ConfigStrings.OZONE_RECON_KERBEROS_PRINCIPAL_KEY;
-import static org.apache.hadoop.hdds.utils.HAUtils.checkSecurityAndSCMHAEnabled;
 
 import org.apache.hadoop.hdds.HddsUtils;
 import org.apache.hadoop.hdds.StringUtils;
@@ -76,7 +75,6 @@ public Void call() throws Exception {
         ReconServer.class, originalArgs, LOG);
 
     configuration = createOzoneConfiguration();
-    checkSecurityAndSCMHAEnabled(configuration);
     ConfigurationProvider.setConfiguration(configuration);
 
     injector =  Guice.createInjector(new