hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Philip Zeyliger (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HADOOP-5722) HTTP metrics interface enable/disable must be configurable
Date Wed, 22 Apr 2009 19:22:47 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-5722?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12701658#action_12701658

Philip Zeyliger commented on HADOOP-5722:

Hi Marco,

To implement HADOOP-5469, I didn't need to open a new port; I merely added a servlet to the
HTTP server already running.  (The relevant code snippet is below.)  If folks would like,
it'd be easy to add if clauses around relevant methods.  Feel free to propose configuration

Unlike JMX, /metrics is read-only.  The scariest stuff it gives you access to is some of your
JVM configuration and the counters for jobs running on JobTrackers.

  protected void addDefaultServlets() {
    // set up default servlets
    addServlet("stacks", "/stacks", StackServlet.class);
    addServlet("logLevel", "/logLevel", LogLevel.Servlet.class);
    addServlet("metrics", "/metrics", MetricsServlet.class);

> HTTP metrics interface enable/disable must be configurable
> ----------------------------------------------------------
>                 Key: HADOOP-5722
>                 URL: https://issues.apache.org/jira/browse/HADOOP-5722
>             Project: Hadoop Core
>          Issue Type: Bug
>          Components: metrics
>            Reporter: Marco Nicosia
> HADOOP-5469 added a convenient end-run around JMX authentication by revealing the same
metrics over HTTP. That's cool, but we need to secure all accesses to our Hadoop cluster,
so while this may be enabled by default, we need some configurable way to disable the unauthenticated

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message