Dear Ozone Devs, I would like to start this discussion thread for the proposal to merge HDDS-7733-Symmetric-Tokens to master.
This feature branch contains the implementation to replace the costly token signature generation using asymmetric (RSA) keys with symmetric key algorithms, like HMAC with SHA256. Symmetric key algorithms bring a much better performance and are the natural fit for Ozone token use case. Yet, they require building a mechanism to generate, store, distribute, and renew symmetric secret keys. That requirement is not trivial and has to be split into smaller tasks that cannot be shipped individually. That is the reason why the implementation of HDDS-7733 <https://issues.apache.org/jira/browse/HDDS-7733> happens in a separate feature branch. HDDS-7733 is not a new feature but an internal redesign for Ozone tokens to improve OM performance/Ozone scalability. Apart from the existing integration and acceptance tests which should already cover the usage of tokens pretty well, we also added E2E test cases to cover the edge cases related to the symmetric secret keys life-cycle, as per HDDS-8003 <https://issues.apache.org/jira/browse/HDDS-8003>. More information can be found on the wiki page: https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=255070328 If there are no objections to the merge, we could start the official vote. Thanks, Duong
