Apache
/
hbase
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HBASE-25875 RegionServer failed to start with IllegalThreadStateException due to race condition in AuthenticationTokenSecretManager (#3250) 

* HBASE-25875 RegionServer failed to start with IllegalThreadStateException due to race condition in AuthenticationTokenSecretManager's start & retrievePassword method

Signed-off-by: stack <stack@apache.com>
(cherry picked from commit 2126ec94f0)
This commit is contained in:
Pankaj 2021-05-17 12:17:24 +05:30 committed by Pankaj Kumar
parent 439fd4aff2
commit 1a8d3c3b6b
3 changed files with 31 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
dev-support/spotbugs-exclude.xml
View File

@ -252,4 +252,23 @@
<Bug pattern="SC_START_IN_CTOR"/> <Bug pattern="SC_START_IN_CTOR"/>
</Match> </Match>
<Match>
<!--
False positives, NettyRpcServer#start & SimpleRpcServer#start are already synchronized and
there is check to ensure single initialization of authTokenSecretMgr field.
Ignore the warning, see HBASE-25875.
!-->
<Or>
<And>
<Class name="org.apache.hadoop.hbase.ipc.NettyRpcServer"/>
<Method name="start"/>
</And>
<And>
<Class name="org.apache.hadoop.hbase.ipc.SimpleRpcServer"/>
<Method name="start"/>
</And>
</Or>
<Bug pattern="ML_SYNC_ON_UPDATED_FIELD"/>
</Match>
</FindBugsFilter> </FindBugsFilter>

4
hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/NettyRpcServer.java
View File

@ -136,9 +136,13 @@ public class NettyRpcServer extends RpcServer {
} }
authTokenSecretMgr = createSecretManager(); authTokenSecretMgr = createSecretManager();
if (authTokenSecretMgr != null) { if (authTokenSecretMgr != null) {
// Start AuthenticationTokenSecretManager in synchronized way to avoid race conditions in
// LeaderElector start. See HBASE-25875
synchronized (authTokenSecretMgr) {
setSecretManager(authTokenSecretMgr); setSecretManager(authTokenSecretMgr);
authTokenSecretMgr.start(); authTokenSecretMgr.start();
} }
}
this.authManager = new ServiceAuthorizationManager(); this.authManager = new ServiceAuthorizationManager();
HBasePolicyProvider.init(conf, authManager); HBasePolicyProvider.init(conf, authManager);
scheduler.start(); scheduler.start();

4
hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/SimpleRpcServer.java
View File

@ -423,9 +423,13 @@ public class SimpleRpcServer extends RpcServer {
} }
authTokenSecretMgr = createSecretManager(); authTokenSecretMgr = createSecretManager();
if (authTokenSecretMgr != null) { if (authTokenSecretMgr != null) {
// Start AuthenticationTokenSecretManager in synchronized way to avoid race conditions in
// LeaderElector start. See HBASE-25875
synchronized (authTokenSecretMgr) {
setSecretManager(authTokenSecretMgr); setSecretManager(authTokenSecretMgr);
authTokenSecretMgr.start(); authTokenSecretMgr.start();
} }
}
this.authManager = new ServiceAuthorizationManager(); this.authManager = new ServiceAuthorizationManager();
HBasePolicyProvider.init(conf, authManager); HBasePolicyProvider.init(conf, authManager);
responder.start(); responder.start();