[jira] [Resolved] (HADOOP-18245) Extend KMS related exceptions that get mapped to ConnectException

Thu, 19 May 2022 13:26:07 -0700 


     [ 
https://issues.apache.org/jira/browse/HADOOP-18245?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Wei-Chiu Chuang resolved HADOOP-18245.
--------------------------------------
    Fix Version/s: 3.4.0
       Resolution: Fixed

The PR is merged in trunk. Thanks [~kerneltime]!

> Extend KMS related exceptions that get mapped to ConnectException 
> ------------------------------------------------------------------
>
>                 Key: HADOOP-18245
>                 URL: https://issues.apache.org/jira/browse/HADOOP-18245
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: kms
>            Reporter: Ritesh H Shukla
>            Assignee: Ritesh H Shukla
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 3.4.0
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> Based on production workload, we found that it is not enough to map just 
> SSLHandshakeException to ConnectException in Loadbalancing KMS Client but 
> that needs to be extended to SSLExceptions and SocketExceptions.
> Sample JDK code that can raise these exceptions: 
> https://github.com/openjdk/jdk/blob/jdk-18%2B32/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java#L1409-L1428
> Sample Exception backtrace: 
> 22/04/13 16:25:53 WARN kms.LoadBalancingKMSClientProvider: KMS provider at 
> [https://bdgtr041x10h5.nam.nsroot.net:16001/kms/v1/] threw an IOException:
> javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake
>         at sun.security.ssl.SSLSocketImpl.handleEOF(SSLSocketImpl.java:1470)
>         at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1298)
>         at 
> sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1199)
>         at 
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:373)
>         at 
> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:587)
>         at 
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDe
> Caused by: java.io.EOFException: SSL peer shut down incorrectly
>         at 
> sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:480)
>         at 
> sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:469)
>         ... 59 more



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org

Reply via email to