Skip to content

HDDS-8042. Display certificate issuer in cert list command. #4429

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ChenSammi merged 2 commits into from
Mar 23, 2023
Merged

HDDS-8042. Display certificate issuer in cert list command. #4429

ChenSammi merged 2 commits into from
Mar 23, 2023

Conversation

@ChenSammi
Copy link
Contributor

@ChenSammi ChenSammi commented Mar 20, 2023

https://issues.apache.org/jira/browse/HDDS-8042

Output before patch

bash-4.2$ ozone admin cert list 
Total 11 valid certificates: 
SerialNumber      Valid From                     Expiry                         Subject                                                                                                       
1                 Mon Mar 20 06:20:20 UTC 2023   Thu Apr 27 06:20:20 UTC 2028   [email protected],OU=d2a1c17f-34cb-4a0e-af0f-4d28353f1a6c,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733            
87303630914       Mon Mar 20 06:20:21 UTC 2023   Thu Apr 27 06:20:21 UTC 2028   [email protected],OU=d2a1c17f-34cb-4a0e-af0f-4d28353f1a6c,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733        
109107860257      Mon Mar 20 06:20:43 UTC 2023   Thu Apr 27 06:20:43 UTC 2028   [email protected],OU=0078c031-35bd-48c5-bb0a-054000d2418b,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733        
109288367257      Mon Mar 20 06:20:43 UTC 2023   Tue Mar 19 06:20:43 UTC 2024   CN=recon@recon,OU=d2a1c17f-34cb-4a0e-af0f-4d28353f1a6c,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733             
118491360137      Mon Mar 20 06:20:52 UTC 2023   Thu Apr 27 06:20:52 UTC 2028   [email protected],OU=f890ae25-c837-4ce0-8f05-347555442e9f,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733        
133265524226      Mon Mar 20 06:21:07 UTC 2023   Tue Mar 19 06:21:07 UTC 2024   CN=dn@4fbc1d7db192,OU=d2a1c17f-34cb-4a0e-af0f-4d28353f1a6c,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733         
133638710143      Mon Mar 20 06:21:07 UTC 2023   Tue Mar 19 06:21:07 UTC 2024   CN=dn@22cb49da28be,OU=d2a1c17f-34cb-4a0e-af0f-4d28353f1a6c,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733         
134258596643      Mon Mar 20 06:21:08 UTC 2023   Tue Mar 19 06:21:08 UTC 2024   CN=dn@776a01a893e4,OU=d2a1c17f-34cb-4a0e-af0f-4d28353f1a6c,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733         
136650625394      Mon Mar 20 06:21:10 UTC 2023   Tue Mar 19 06:21:10 UTC 2024   CN=om1,OU=d2a1c17f-34cb-4a0e-af0f-4d28353f1a6c,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733                     
136735229394      Mon Mar 20 06:21:10 UTC 2023   Tue Mar 19 06:21:10 UTC 2024   CN=om2,OU=d2a1c17f-34cb-4a0e-af0f-4d28353f1a6c,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733                     
137483348978      Mon Mar 20 06:21:11 UTC 2023   Tue Mar 19 06:21:11 UTC 2024   CN=om3,OU=d2a1c17f-34cb-4a0e-af0f-4d28353f1a6c,O=CID-148b1564-3abc-462b-8389-2a7b6ac6c733

Output after patch

bash-4.2$ ozone admin cert list
Certificate list:(Type=VALID, BatchSize=20, CertCount=11)
SerialNumber      Valid From                     Expiry                         Subject                                                                                                        Issuer                                                                                                        
754090284551      Mon Mar 20 06:31:27 UTC 2023   Thu Apr 27 06:31:27 UTC 2028   [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e         [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e            
774473638186      Mon Mar 20 06:31:48 UTC 2023   Thu Apr 27 06:31:48 UTC 2028   [email protected],OU=7569e35b-eda4-43ff-9985-82d4530b64ee,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e         [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e            
775686475103      Mon Mar 20 06:31:49 UTC 2023   Tue Mar 19 06:31:49 UTC 2024   CN=recon@recon,OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e              [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e        
788141377358      Mon Mar 20 06:32:02 UTC 2023   Thu Apr 27 06:32:02 UTC 2028   [email protected],OU=d8abe3d0-726d-4b9a-85ca-ed4309b4de5c,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e         [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e            
804789908700      Mon Mar 20 06:32:18 UTC 2023   Tue Mar 19 06:32:18 UTC 2024   CN=dn@4ccd3988b5e3,OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e          [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e        
806362991242      Mon Mar 20 06:32:20 UTC 2023   Tue Mar 19 06:32:20 UTC 2024   CN=dn@84925ba1d64e,OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e          [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e        
806987236284      Mon Mar 20 06:32:20 UTC 2023   Tue Mar 19 06:32:20 UTC 2024   CN=dn@a31dc844a962,OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e          [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e        
814049245662      Mon Mar 20 06:32:27 UTC 2023   Tue Mar 19 06:32:27 UTC 2024   CN=om1,OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e                      [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e        
814281868996      Mon Mar 20 06:32:28 UTC 2023   Tue Mar 19 06:32:28 UTC 2024   CN=om2,OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e                      [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e        
814524253788      Mon Mar 20 06:32:28 UTC 2023   Tue Mar 19 06:32:28 UTC 2024   CN=om3,OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e                      [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e        
1                 Mon Mar 20 06:31:27 UTC 2023   Thu Apr 27 06:31:27 UTC 2028   [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e             [email protected],OU=96b4fd0f-e545-4d03-a9b1-5abee70ed907,O=CID-dbac1f31-a439-435d-b6d5-b73e50828f4e

@kerneltime
Copy link
Contributor

kerneltime commented Mar 20, 2023

@SaketaChalamchala @tanvipenumudy can you please take a look?

@kerneltime kerneltime requested review from duongkame and fapifta March 20, 2023 16:07
@neils-dev neils-dev self-requested a review March 21, 2023 21:35
duongkame
duongkame approved these changes Mar 22, 2023
View reviewed changes
Copy link
Contributor

@duongkame duongkame left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. +1

neils-dev
neils-dev reviewed Mar 22, 2023
View reviewed changes
hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java
HddsProtos.NodeType nodeType = parseCertRole(role);
List<String> certPemList = client.listCertificate(nodeType,
startSerialId, count, isRevoked);
LOG.info("Certificate list:(Type={}, BatchSize={}, CertCount={})",
Copy link
Contributor

@neils-dev neils-dev Mar 22, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor: for clarity, CertCount can be reworked to TotalCertCount.

Changes look good. Thanks. +1

Copy link
Contributor Author

@ChenSammi ChenSammi Mar 23, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@neils-dev , thanks for the code review. TotalCertCount will be misleading. It will make user think there is only this amount of certs in the cluster. This case happened before.

@ChenSammi
Copy link
Contributor Author

ChenSammi commented Mar 23, 2023

Thanks @fapifta @duongkame and @neils-dev for the code review.

@ChenSammi ChenSammi merged commit 209a2e7 into apache:master Mar 23, 2023
errose28 added a commit to errose28/ozone that referenced this pull request Mar 23, 2023
@errose28
Merge branch 'master' into HDDS-6633
a24321d 
* master: (43 commits)
  HDDS-8148. Improve log for Pipeline creation failure (apache#4385)
  HDDS-7853. Add support for RemoveSCM in SCMRatisServer. (apache#4358)
  HDDS-8042. Display certificate issuer in cert list command. (apache#4429)
  HDDS-8189. [Snapshot] renamedKeyTable should only track keys in buckets that has at least one active snapshot. (apache#4436)
  HDDS-8154. Perf: Reuse Mac instances in S3 token validation (apache#4433)
  HDDS-8245. Info log for keyDeletingService when nonzero number of keys are deleted. (apache#4451)
  HDDS-8233. ReplicationManager: Throttle delete container commands from over-replication handlers (apache#4447)
  HDDS-8220. [Ozone-Streaming] Trigger volume check on IOException in StreamDataChannelBase (apache#4428)
  HDDS-8173. Fix to remove enrties from RocksDB after container gets deleted. (apache#4445)
  HDDS-7975. Rebalance acceptance tests (apache#4437)
  HDDS-8152. Reduce S3 acceptance test setup time (apache#4393)
  HDDS-8172. ECUnderReplicationHandler should consider commands already sent when processing the container (apache#4435)
  HDDS-7883. [Snapshot] Accommodate FSO, key renames and implement OMSnapshotPurgeRequest for SnapshotDeletingService (apache#4407)
  HDDS-8168. Make deadlines inside MoveManager for move commands configurable (apache#4415)
  HDDS-7918. EC: ECBlockReconstructedStripeInputStream should check for spare replicas before failing an index (apache#4441)
  HDDS-8222. EndpointBase#getBucket should handle BUCKET_NOT_FOUND (apache#4431)
  HDDS-8068. Fix Exception: JMXJsonServlet, getting attribute RatisRoles of Hadoop:service=OzoneManager. (apache#4352)
  HDDS-8139. Datanodes should not drop block delete transactions based on transaction ID (apache#4384)
  HDDS-8216. EC: OzoneClientConfig is overwritten in ECKeyOutputStream (apache#4425)
  HDDS-8054. Fix NPE in metrics for failed volume (apache#4340)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@neils-dev neils-dev neils-dev left review comments

@fapifta fapifta fapifta approved these changes

@duongkame duongkame duongkame approved these changes

@nilotpalnandi nilotpalnandi Awaiting requested review from nilotpalnandi

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@ChenSammi @kerneltime @fapifta @duongkame @neils-dev