HDDS-1946. CertificateClient should not persist keys/certs to ozone.m…

[vivekratnavel]

…etadata.dir

The issue was that when OM and SCM are deployed on the same host with ozone.metadata.dir defined. SCM can start successfully but OM can not because the key/cert from OM will collide with SCM.

The solution implemented in this patch is to store certs in a sub directory inside ozone.metadata.dir based on the component. Ozone Manager will store its certs in ${ozone.metadata.dir}/om/certs and Datanode will store in ${ozone.metadata.dir}/dn/certs to avoid conflicts. This solution was discussed with @anuengineer and I thank him for his guidance.

Testing done:
I tested the patch in docker containers and verified that certs are now stored in ${ozone.metadata.dir}/${component}/certs path. I modified the unit tests and verified that all unit tests pass.

[vivekratnavel]

/label ozone

[vivekratnavel]

@anuengineer @avijayanhwx @swagle @xiaoyuyao Please review when you find time

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	42	Docker mode activated.
		_ Prechecks _
+1	dupname	0	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 3 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	10	Maven dependency ordering for branch
+1	mvninstall	607	trunk passed
+1	compile	363	trunk passed
+1	checkstyle	64	trunk passed
+1	mvnsite	0	trunk passed
+1	shadedclient	819	branch has no errors when building and testing our client artifacts.
+1	javadoc	156	trunk passed
0	spotbugs	417	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	609	trunk passed
		_ Patch Compile Tests _
0	mvndep	18	Maven dependency ordering for patch
+1	mvninstall	544	the patch passed
+1	compile	363	the patch passed
+1	javac	363	the patch passed
+1	checkstyle	72	the patch passed
+1	mvnsite	0	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	shadedclient	682	patch has no errors when building and testing our client artifacts.
+1	javadoc	156	the patch passed
+1	findbugs	637	the patch passed
		_ Other Tests _
+1	unit	285	hadoop-hdds in the patch passed.
-1	unit	1792	hadoop-ozone in the patch failed.
+1	asflicense	47	The patch does not generate ASF License warnings.
		7414

Reason	Tests
Failed junit tests	hadoop.ozone.TestContainerStateMachineIdempotency
	hadoop.ozone.client.rpc.TestReadRetries
	hadoop.ozone.client.rpc.TestBlockOutputStreamWithFailures
	hadoop.ozone.om.TestSecureOzoneManager

Subsystem	Report/Notes
Docker	Client=19.03.1 Server=19.03.1 base: https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/2/artifact/out/Dockerfile
GITHUB PR	#1311
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle
uname	Linux 6f13f3305561 4.4.0-139-generic #165-Ubuntu SMP Wed Oct 24 10:58:50 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / d873ddd
Default Java	1.8.0_222
unit	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/2/artifact/out/patch-unit-hadoop-ozone.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/2/testReport/
Max. process+thread count	5411 (vs. ulimit of 5500)
modules	C: hadoop-hdds/common hadoop-hdds/container-service U: hadoop-hdds
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/2/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	139	Docker mode activated.
		_ Prechecks _
+1	dupname	1	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 3 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	42	Maven dependency ordering for branch
+1	mvninstall	719	trunk passed
+1	compile	368	trunk passed
+1	checkstyle	71	trunk passed
+1	mvnsite	0	trunk passed
+1	shadedclient	947	branch has no errors when building and testing our client artifacts.
+1	javadoc	164	trunk passed
0	spotbugs	435	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	636	trunk passed
		_ Patch Compile Tests _
0	mvndep	19	Maven dependency ordering for patch
+1	mvninstall	560	the patch passed
+1	compile	374	the patch passed
+1	javac	374	the patch passed
+1	checkstyle	75	the patch passed
+1	mvnsite	0	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	shadedclient	753	patch has no errors when building and testing our client artifacts.
+1	javadoc	188	the patch passed
+1	findbugs	654	the patch passed
		_ Other Tests _
-1	unit	343	hadoop-hdds in the patch failed.
-1	unit	2286	hadoop-ozone in the patch failed.
+1	asflicense	46	The patch does not generate ASF License warnings.
		8550

Reason	Tests
Failed junit tests	hadoop.hdds.scm.block.TestBlockManager
	hadoop.ozone.client.rpc.TestBlockOutputStreamWithFailures
	hadoop.ozone.om.TestSecureOzoneManager
	hadoop.ozone.client.rpc.Test2WayCommitInRatis
	hadoop.hdds.scm.pipeline.TestRatisPipelineCreateAndDestory

Subsystem	Report/Notes
Docker	Client=19.03.0 Server=19.03.0 base: https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/1/artifact/out/Dockerfile
GITHUB PR	#1311
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle
uname	Linux aa8b478b053f 4.15.0-52-generic #56-Ubuntu SMP Tue Jun 4 22:49:08 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / d873ddd
Default Java	1.8.0_212
unit	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/1/artifact/out/patch-unit-hadoop-hdds.txt
unit	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/1/artifact/out/patch-unit-hadoop-ozone.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/1/testReport/
Max. process+thread count	4571 (vs. ulimit of 5500)
modules	C: hadoop-hdds/common hadoop-hdds/container-service U: hadoop-hdds
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/1/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[bharatviswa504]

Do we need to do something for the key location also?

[vivekratnavel]

@bharatviswa504 Thanks for the review! I have updated the patch to include component name in the key location as well.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	72	Docker mode activated.
		_ Prechecks _
+1	dupname	1	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 3 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	11	Maven dependency ordering for branch
+1	mvninstall	599	trunk passed
+1	compile	371	trunk passed
+1	checkstyle	70	trunk passed
+1	mvnsite	0	trunk passed
+1	shadedclient	929	branch has no errors when building and testing our client artifacts.
+1	javadoc	162	trunk passed
0	spotbugs	432	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	632	trunk passed
		_ Patch Compile Tests _
0	mvndep	20	Maven dependency ordering for patch
+1	mvninstall	562	the patch passed
+1	compile	373	the patch passed
+1	javac	373	the patch passed
+1	checkstyle	74	the patch passed
+1	mvnsite	0	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	shadedclient	753	patch has no errors when building and testing our client artifacts.
+1	javadoc	188	the patch passed
+1	findbugs	795	the patch passed
		_ Other Tests _
+1	unit	372	hadoop-hdds in the patch passed.
-1	unit	2365	hadoop-ozone in the patch failed.
+1	asflicense	44	The patch does not generate ASF License warnings.
		8560

Reason	Tests
Failed junit tests	hadoop.ozone.client.rpc.TestBlockOutputStreamWithFailures
	hadoop.ozone.scm.node.TestQueryNode
	hadoop.ozone.om.TestSecureOzoneManager
	hadoop.ozone.client.rpc.TestOzoneRpcClientForAclAuditLog
	hadoop.ozone.client.rpc.TestWatchForCommit
	hadoop.hdds.scm.pipeline.TestRatisPipelineCreateAndDestory

Subsystem	Report/Notes
Docker	Client=19.03.0 Server=19.03.0 base: https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/3/artifact/out/Dockerfile
GITHUB PR	#1311
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle
uname	Linux 462101c50b63 4.15.0-52-generic #56-Ubuntu SMP Tue Jun 4 22:49:08 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / 3bba808
Default Java	1.8.0_212
unit	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/3/artifact/out/patch-unit-hadoop-ozone.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/3/testReport/
Max. process+thread count	5093 (vs. ulimit of 5500)
modules	C: hadoop-hdds/common hadoop-hdds/container-service U: hadoop-hdds
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/3/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[bharatviswa504]

Over all LGTM.
Can we remove the KeyCodec constructor with only configs? I see this is being used only in tests. With this, we can eliminate the chances of not passing the component name to codec and face the issue provided in Jira. If you feel there is a need for this, we can leave it for now.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	559	Docker mode activated.
		_ Prechecks _
+1	dupname	0	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 3 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	25	Maven dependency ordering for branch
+1	mvninstall	636	trunk passed
+1	compile	346	trunk passed
+1	checkstyle	62	trunk passed
+1	mvnsite	0	trunk passed
+1	shadedclient	822	branch has no errors when building and testing our client artifacts.
+1	javadoc	169	trunk passed
0	spotbugs	419	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	622	trunk passed
		_ Patch Compile Tests _
0	mvndep	15	Maven dependency ordering for patch
+1	mvninstall	561	the patch passed
+1	compile	381	the patch passed
+1	javac	381	the patch passed
+1	checkstyle	68	the patch passed
+1	mvnsite	0	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	shadedclient	650	patch has no errors when building and testing our client artifacts.
+1	javadoc	150	the patch passed
+1	findbugs	626	the patch passed
		_ Other Tests _
+1	unit	279	hadoop-hdds in the patch passed.
-1	unit	1723	hadoop-ozone in the patch failed.
+1	asflicense	42	The patch does not generate ASF License warnings.
		7881

Reason	Tests
Failed junit tests	hadoop.ozone.client.rpc.TestBlockOutputStreamWithFailures
	hadoop.hdds.scm.pipeline.TestRatisPipelineCreateAndDestory
	hadoop.ozone.client.rpc.TestCommitWatcher
	hadoop.ozone.om.TestSecureOzoneManager
	hadoop.ozone.container.server.TestSecureContainerServer
	hadoop.ozone.om.TestOzoneManagerHA

Subsystem	Report/Notes
Docker	Client=19.03.1 Server=19.03.1 base: https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/4/artifact/out/Dockerfile
GITHUB PR	#1311
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle
uname	Linux 0ad3a2bced8a 4.4.0-138-generic #164-Ubuntu SMP Tue Oct 2 17:16:02 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / 6244502
Default Java	1.8.0_222
unit	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/4/artifact/out/patch-unit-hadoop-ozone.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/4/testReport/
Max. process+thread count	5337 (vs. ulimit of 5500)
modules	C: hadoop-hdds/common hadoop-hdds/container-service U: hadoop-hdds
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/4/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[xiaoyuyao]

Thanks @vivekratnavel for working on this. The changes look good to me overall with two issues:

1. The integration test failure testSecureOmInitFailures is related where the component name need to be passed into getKeyLocation().

2. The key/cert location change also needs further changes for secure GRPC as they are currently calling into the getKeyLocation() without giving component name. When we move the DN keys under ".../dn/keys", the GRPC client/server (DNs) will not be able to find the keys under ".../keys".

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	91	Docker mode activated.
		_ Prechecks _
+1	dupname	0	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 3 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	37	Maven dependency ordering for branch
+1	mvninstall	769	trunk passed
+1	compile	415	trunk passed
+1	checkstyle	75	trunk passed
+1	mvnsite	0	trunk passed
+1	shadedclient	928	branch has no errors when building and testing our client artifacts.
+1	javadoc	192	trunk passed
0	spotbugs	506	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	741	trunk passed
		_ Patch Compile Tests _
0	mvndep	23	Maven dependency ordering for patch
+1	mvninstall	661	the patch passed
+1	compile	428	the patch passed
+1	javac	428	the patch passed
+1	checkstyle	80	the patch passed
+1	mvnsite	0	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	shadedclient	728	patch has no errors when building and testing our client artifacts.
+1	javadoc	185	the patch passed
+1	findbugs	778	the patch passed
		_ Other Tests _
-1	unit	396	hadoop-hdds in the patch failed.
-1	unit	3244	hadoop-ozone in the patch failed.
+1	asflicense	66	The patch does not generate ASF License warnings.
		9999

Reason	Tests
Failed junit tests	hadoop.hdds.scm.block.TestBlockManager
	hadoop.ozone.client.rpc.TestOzoneRpcClient
	hadoop.ozone.om.TestSecureOzoneManager
	hadoop.hdds.scm.pipeline.TestRatisPipelineCreateAndDestory
	hadoop.ozone.client.rpc.Test2WayCommitInRatis
	hadoop.ozone.client.rpc.TestOzoneAtRestEncryption
	hadoop.ozone.om.TestScmSafeMode
	hadoop.ozone.container.server.TestSecureContainerServer

Subsystem	Report/Notes
Docker	Client=19.03.1 Server=19.03.1 base: https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/5/artifact/out/Dockerfile
GITHUB PR	#1311
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle
uname	Linux 7959adac1b6c 4.4.0-138-generic #164-Ubuntu SMP Tue Oct 2 17:16:02 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / ee7c261
Default Java	1.8.0_222
unit	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/5/artifact/out/patch-unit-hadoop-hdds.txt
unit	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/5/artifact/out/patch-unit-hadoop-ozone.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/5/testReport/
Max. process+thread count	4499 (vs. ulimit of 5500)
modules	C: hadoop-hdds/common hadoop-hdds/container-service U: hadoop-hdds
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/5/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	64	Docker mode activated.
		_ Prechecks _
+1	dupname	1	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 7 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	20	Maven dependency ordering for branch
+1	mvninstall	571	trunk passed
+1	compile	352	trunk passed
+1	checkstyle	59	trunk passed
+1	mvnsite	0	trunk passed
+1	shadedclient	778	branch has no errors when building and testing our client artifacts.
+1	javadoc	168	trunk passed
0	spotbugs	421	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	606	trunk passed
		_ Patch Compile Tests _
0	mvndep	66	Maven dependency ordering for patch
+1	mvninstall	520	the patch passed
+1	compile	342	the patch passed
+1	javac	342	the patch passed
+1	checkstyle	62	the patch passed
+1	mvnsite	0	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	shadedclient	597	patch has no errors when building and testing our client artifacts.
+1	javadoc	143	the patch passed
+1	findbugs	629	the patch passed
		_ Other Tests _
+1	unit	357	hadoop-hdds in the patch passed.
-1	unit	2083	hadoop-ozone in the patch failed.
+1	asflicense	43	The patch does not generate ASF License warnings.
		7612

Reason	Tests
Failed junit tests	hadoop.ozone.container.server.TestSecureContainerServer
	hadoop.hdds.scm.pipeline.TestRatisPipelineCreateAndDestory
	hadoop.hdds.scm.pipeline.TestRatisPipelineProvider
	hadoop.ozone.TestMiniOzoneCluster
	hadoop.ozone.client.rpc.TestOzoneRpcClientForAclAuditLog
	hadoop.ozone.om.TestOzoneManager
	hadoop.ozone.client.rpc.TestContainerStateMachine

Subsystem	Report/Notes
Docker	Client=19.03.1 Server=19.03.1 base: https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/6/artifact/out/Dockerfile
GITHUB PR	#1311
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle
uname	Linux 08736f737b61 4.4.0-138-generic #164-Ubuntu SMP Tue Oct 2 17:16:02 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / 93daf69
Default Java	1.8.0_222
unit	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/6/artifact/out/patch-unit-hadoop-ozone.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/6/testReport/
Max. process+thread count	4744 (vs. ulimit of 5500)
modules	C: hadoop-hdds/client hadoop-hdds/common hadoop-hdds/container-service hadoop-ozone/integration-test U: .
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/6/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[xiaoyuyao]

The test failure in TestSecureContainerServer seems related. Can you take a look @vivekratnavel

[vivekratnavel]

Hi @xiaoyuyao

I checked the cause of failure for this integration test TestSecureContainerServer.testClientServerRatisGrpc and it is not related to this change. It fails due to block token verification failure and it fails for the same reason in trunk.

Caused by: org.apache.ratis.protocol.StateMachineException: org.apache.hadoop.hdds.scm.container.common.helpers.StorageContainerException: Block token verification failed. Fail to find any token (empty or null.)

[vivekratnavel]

Created https://issues.apache.org/jira/browse/HDDS-2040 to track the integration test failure.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	40	Docker mode activated.
		_ Prechecks _
+1	dupname	1	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 7 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	25	Maven dependency ordering for branch
+1	mvninstall	573	trunk passed
+1	compile	376	trunk passed
+1	checkstyle	76	trunk passed
+1	mvnsite	0	trunk passed
+1	shadedclient	865	branch has no errors when building and testing our client artifacts.
+1	javadoc	172	trunk passed
0	spotbugs	419	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	610	trunk passed
		_ Patch Compile Tests _
0	mvndep	36	Maven dependency ordering for patch
+1	mvninstall	539	the patch passed
+1	compile	381	the patch passed
+1	javac	381	the patch passed
+1	checkstyle	84	the patch passed
+1	mvnsite	0	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	shadedclient	678	patch has no errors when building and testing our client artifacts.
+1	javadoc	172	the patch passed
+1	findbugs	624	the patch passed
		_ Other Tests _
+1	unit	315	hadoop-hdds in the patch passed.
-1	unit	2350	hadoop-ozone in the patch failed.
+1	asflicense	51	The patch does not generate ASF License warnings.
		8145

Reason	Tests
Failed junit tests	hadoop.ozone.web.client.TestKeys
	hadoop.hdds.scm.pipeline.TestRatisPipelineProvider
	hadoop.ozone.client.rpc.TestBlockOutputStreamWithFailures
	hadoop.ozone.ozShell.TestOzoneShell
	hadoop.ozone.om.TestSecureOzoneManager
	hadoop.ozone.web.client.TestBuckets
	hadoop.ozone.ozShell.TestS3Shell

Subsystem	Report/Notes
Docker	Client=19.03.1 Server=19.03.1 base: https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/7/artifact/out/Dockerfile
GITHUB PR	#1311
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle
uname	Linux 39ef1e8d8fae 4.15.0-58-generic #64-Ubuntu SMP Tue Aug 6 11:12:41 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / 3329257
Default Java	1.8.0_222
unit	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/7/artifact/out/patch-unit-hadoop-ozone.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/7/testReport/
Max. process+thread count	5064 (vs. ulimit of 5500)
modules	C: hadoop-hdds/client hadoop-hdds/common hadoop-hdds/container-service hadoop-ozone/integration-test U: .
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-1311/7/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[xiaoyuyao]

LGTM overall. Just have one question comment inline.