Skip to content

HDDS-8219. Run HA secure tests from s3g container #4444

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
adoroszlai merged 7 commits into from
Mar 25, 2023
Merged

HDDS-8219. Run HA secure tests from s3g container #4444

adoroszlai merged 7 commits into from
Mar 25, 2023

Conversation

@adoroszlai
Copy link
Contributor

@adoroszlai adoroszlai commented Mar 21, 2023
edited
Loading

What changes were proposed in this pull request?

In ozonesecure-ha environment SCM containers have hostnames like scm1.org, but all Kerberos principals for SCM nodes are in the form <username>/[email protected]. Since no host named scm exists, lookup takes quite some time:

$ OZONE_LOGLEVEL=TRACE ozone sh volume create /vol1 |& grep 'lookup'
[main] TRACE security.SecurityUtil: Name lookup for om2 took 1 ms.
[main] TRACE security.SecurityUtil: Name lookup for om3 took 0 ms.
[main] TRACE security.SecurityUtil: Name lookup for om1 took 0 ms.
[main] TRACE security.SecurityUtil: Name lookup for scm took 497 ms.

We can improve this simply by executing the same commands from another container, e.g. s3g:

$ OZONE_LOGLEVEL=TRACE ozone sh volume create /vol2 |& grep 'lookup'
[main] TRACE security.SecurityUtil: Name lookup for om2 took 1 ms.
[main] TRACE security.SecurityUtil: Name lookup for om3 took 0 ms.
[main] TRACE security.SecurityUtil: Name lookup for om1 took 0 ms.
[main] TRACE security.SecurityUtil: Name lookup for s3g took 0 ms.

Tests for bucket links need a minor change to remove hard-coded scm from permissions in test setup.

Opening as draft, since this is based on HDDS-7975 (#4437).

https://issues.apache.org/jira/browse/HDDS-8219

How was this patch tested?

Regular CI:
https://github.com/adoroszlai/hadoop-ozone/actions/runs/4488033748

@adoroszlai adoroszlai self-assigned this Mar 21, 2023
@adoroszlai adoroszlai marked this pull request as ready for review March 22, 2023 10:30
@adoroszlai adoroszlai requested a review from smengcl March 24, 2023 12:21
smengcl
smengcl approved these changes Mar 25, 2023
View reviewed changes
Copy link
Contributor

@smengcl smengcl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice improvement. Thanks @adoroszlai .

@adoroszlai adoroszlai merged commit 191bb5f into apache:master Mar 25, 2023
@adoroszlai adoroszlai deleted the HDDS-8219 branch March 25, 2023 09:24
@adoroszlai
Copy link
Contributor Author

adoroszlai commented Mar 25, 2023

Thanks @kerneltime, @smengcl for the review.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kerneltime kerneltime kerneltime left review comments

@smengcl smengcl smengcl approved these changes

Assignees

@adoroszlai adoroszlai

Labels

test

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@adoroszlai @kerneltime @smengcl