accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mike Yoder (JIRA)" <>
Subject [jira] [Commented] (ACCUMULO-3890) Use of CredentialProvider results in a lot of NN ops
Date Fri, 05 Jun 2015 21:14:00 GMT


Mike Yoder commented on ACCUMULO-3890:

Granted the existing publicly available implementations are all based on something file-like.
But you never know what's coming in the future...and moving secrets into an external store
and hooking them up via the CredentialProvider is an appealing story. Caching is a reasonable
idea to cut down on RPCs, but I'd think you'd want to age items out of the cache fairly quickly.

I had a peek at some of the latest CredentialProvider code; the getCredentialEntry()  call
does have a cache, but I don't see any calls to actually populate that cache.  Wonder what's
going on there; you might want to investigate that bit first.

> Use of CredentialProvider results in a lot of NN ops
> ----------------------------------------------------
>                 Key: ACCUMULO-3890
>                 URL:
>             Project: Accumulo
>          Issue Type: Bug
>    Affects Versions: 1.6.1, 1.6.2, 1.7.0
>            Reporter: Billie Rinaldi
>            Assignee: Billie Rinaldi
>             Fix For: 1.7.1, 1.8.0
> Every time we access a sensitive property or iterate over a configuration when there
is a CredentialProvider configured, it results in NN operations (as evidenced by FSNamesystem.audit
logs).  I think that we could assume the CredentialProvider is static, read its properties
once and cache them in memory to avoid these unnecessary reads.

This message was sent by Atlassian JIRA

View raw message