hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daryn Sharp (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-7510) Tokens should use original hostname provided instead of ip
Date Thu, 04 Aug 2011 14:41:27 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-7510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13079396#comment-13079396
] 

Daryn Sharp commented on HADOOP-7510:
-------------------------------------

Yes, thank you for the considerations.  You'll be glad to know that I have already carefully
considered those concerns.  I found a means of ensuring that an {{InetSocketAddress}} is constructed
such that {{getHostName}} will return the exact host (whether hostname, cname, ip, etc) used
to instantiate the object.  That will allow {{ipc.Client}} to correctly match the tokens.
 Dns re-lookups are prevented which is important because:
# If a cname is used, then the resolved ip may point to a hostname that if resolved again
will return a different ip.  Ex. nn.domain is a cname for either nn1.domain or nn2.domain.
 The site may toggle the cname but {{ipc.Client}} will not reconnect to the proper host. 
Ie. cname (nn.domain) -> ip -> hostname (nn1.domain).
# If an exact ip is used, the ip may not resolve to a hostname which will cause failures.
 Or the user explicitly wants to connect to only that ip -- one example may be for testing,
or because dns is fouled.  Using a dns lookup may cause the client to unexpectedly connect
to a different ip.

> Tokens should use original hostname provided instead of ip
> ----------------------------------------------------------
>
>                 Key: HADOOP-7510
>                 URL: https://issues.apache.org/jira/browse/HADOOP-7510
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>             Fix For: 0.20.205.0
>
>
> Tokens currently store the ip:port of the remote server.  This precludes tokens from
being used after a host's ip is changed.  Tokens should store the hostname used to make the
RPC connection.  This will enable new processes to use their existing tokens.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message