HBASE-25875 RegionServer failed to start with IllegalThreadStateException due to race condition in AuthenticationTokenSecretManager (#3250)
* HBASE-25875 RegionServer failed to start with IllegalThreadStateException due to race condition in AuthenticationTokenSecretManager's start & retrievePassword method
Signed-off-by: stack <stack@apache.com>
(cherry picked from commit 2126ec94f0
)
This commit is contained in:
parent
439fd4aff2
commit
1a8d3c3b6b
|
@ -252,4 +252,23 @@
|
||||||
<Bug pattern="SC_START_IN_CTOR"/>
|
<Bug pattern="SC_START_IN_CTOR"/>
|
||||||
</Match>
|
</Match>
|
||||||
|
|
||||||
|
<Match>
|
||||||
|
<!--
|
||||||
|
False positives, NettyRpcServer#start & SimpleRpcServer#start are already synchronized and
|
||||||
|
there is check to ensure single initialization of authTokenSecretMgr field.
|
||||||
|
Ignore the warning, see HBASE-25875.
|
||||||
|
!-->
|
||||||
|
<Or>
|
||||||
|
<And>
|
||||||
|
<Class name="org.apache.hadoop.hbase.ipc.NettyRpcServer"/>
|
||||||
|
<Method name="start"/>
|
||||||
|
</And>
|
||||||
|
<And>
|
||||||
|
<Class name="org.apache.hadoop.hbase.ipc.SimpleRpcServer"/>
|
||||||
|
<Method name="start"/>
|
||||||
|
</And>
|
||||||
|
</Or>
|
||||||
|
<Bug pattern="ML_SYNC_ON_UPDATED_FIELD"/>
|
||||||
|
</Match>
|
||||||
|
|
||||||
</FindBugsFilter>
|
</FindBugsFilter>
|
||||||
|
|
|
@ -136,8 +136,12 @@ public class NettyRpcServer extends RpcServer {
|
||||||
}
|
}
|
||||||
authTokenSecretMgr = createSecretManager();
|
authTokenSecretMgr = createSecretManager();
|
||||||
if (authTokenSecretMgr != null) {
|
if (authTokenSecretMgr != null) {
|
||||||
setSecretManager(authTokenSecretMgr);
|
// Start AuthenticationTokenSecretManager in synchronized way to avoid race conditions in
|
||||||
authTokenSecretMgr.start();
|
// LeaderElector start. See HBASE-25875
|
||||||
|
synchronized (authTokenSecretMgr) {
|
||||||
|
setSecretManager(authTokenSecretMgr);
|
||||||
|
authTokenSecretMgr.start();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
this.authManager = new ServiceAuthorizationManager();
|
this.authManager = new ServiceAuthorizationManager();
|
||||||
HBasePolicyProvider.init(conf, authManager);
|
HBasePolicyProvider.init(conf, authManager);
|
||||||
|
|
|
@ -423,8 +423,12 @@ public class SimpleRpcServer extends RpcServer {
|
||||||
}
|
}
|
||||||
authTokenSecretMgr = createSecretManager();
|
authTokenSecretMgr = createSecretManager();
|
||||||
if (authTokenSecretMgr != null) {
|
if (authTokenSecretMgr != null) {
|
||||||
setSecretManager(authTokenSecretMgr);
|
// Start AuthenticationTokenSecretManager in synchronized way to avoid race conditions in
|
||||||
authTokenSecretMgr.start();
|
// LeaderElector start. See HBASE-25875
|
||||||
|
synchronized (authTokenSecretMgr) {
|
||||||
|
setSecretManager(authTokenSecretMgr);
|
||||||
|
authTokenSecretMgr.start();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
this.authManager = new ServiceAuthorizationManager();
|
this.authManager = new ServiceAuthorizationManager();
|
||||||
HBasePolicyProvider.init(conf, authManager);
|
HBasePolicyProvider.init(conf, authManager);
|
||||||
|
|
Loading…
Reference in New Issue