Return-Path: X-Original-To: apmail-accumulo-notifications-archive@minotaur.apache.org Delivered-To: apmail-accumulo-notifications-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5FD2C18EA8 for ; Wed, 10 Jun 2015 10:54:01 +0000 (UTC) Received: (qmail 93660 invoked by uid 500); 10 Jun 2015 10:54:01 -0000 Delivered-To: apmail-accumulo-notifications-archive@accumulo.apache.org Received: (qmail 93620 invoked by uid 500); 10 Jun 2015 10:54:01 -0000 Mailing-List: contact notifications-help@accumulo.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jira@apache.org Delivered-To: mailing list notifications@accumulo.apache.org Received: (qmail 93603 invoked by uid 99); 10 Jun 2015 10:54:01 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 10 Jun 2015 10:54:01 +0000 Date: Wed, 10 Jun 2015 10:54:01 +0000 (UTC) From: "Larry McCay (JIRA)" To: notifications@accumulo.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (ACCUMULO-3890) Use of CredentialProvider results in a lot of NN ops MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/ACCUMULO-3890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14580388#comment-14580388 ] Larry McCay commented on ACCUMULO-3890: --------------------------------------- Working on HADOOP-12076, I came across the fact that the provider's in-memory keystore instance already acts as a cache. The many audit entries are therefore more than likely related to creating and loading the providers over and over rather than actual credential acquisition. Perhaps we can avoid additional caching of values everywhere given this information. Just don't keep creating new credential providers if the credential.provider.path config is the same in between. > Use of CredentialProvider results in a lot of NN ops > ---------------------------------------------------- > > Key: ACCUMULO-3890 > URL: https://issues.apache.org/jira/browse/ACCUMULO-3890 > Project: Accumulo > Issue Type: Bug > Affects Versions: 1.6.1, 1.6.2, 1.7.0 > Reporter: Billie Rinaldi > Assignee: Billie Rinaldi > Fix For: 1.6.3, 1.7.1, 1.8.0 > > Attachments: ACCUMULO-3890.1.patch, ACCUMULO-3890.2.patch > > > Every time we access a sensitive property or iterate over a configuration when there is a CredentialProvider configured, it results in NN operations (as evidenced by FSNamesystem.audit logs). I think that we could assume the CredentialProvider is static, read its properties once and cache them in memory to avoid these unnecessary reads. -- This message was sent by Atlassian JIRA (v6.3.4#6332)