hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daryn Sharp (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-7510) Tokens should use original hostname provided instead of ip
Date Fri, 02 Sep 2011 19:09:09 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-7510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13096218#comment-13096218

Daryn Sharp commented on HADOOP-7510:

Actually, the contrived case isn't a problem because any permutation of old/new works.  Everything
that gets a token immediately stomps the service to its format.  Both sides always ignore
what the other side set.

The suggested approach won't handle all use cases.  One problem with the current implementation,
but fixed by this patch, is that I can't specify an exact ip for a host and always have that
ip used.  The ip will be resolved to a host, and the host resolved to an ip.  The problem
is that ip->host->ip may not return the same ip!

With the static {{TokenSelector}} cache, there's issues with how to handle multiple ip changes.
 The cache lookup will have to deal with circular loops.  There would also need to be something
like reference counting to expire the cache.  Multiple tokens may be relying on the mappings
being maintained in the {{TokenSelector}}.

Certain code expects to be able to connect to the value in the service field.  There would
need to be a mapping that maintained the token ip to the original host or ip, and if a host,
re-resolve the host to its current ip.

Unless I'm misunderstanding the proposal, it sounds much more complicated than this patch?

> Tokens should use original hostname provided instead of ip
> ----------------------------------------------------------
>                 Key: HADOOP-7510
>                 URL: https://issues.apache.org/jira/browse/HADOOP-7510
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>             Fix For:
>         Attachments: HADOOP-7510.patch
> Tokens currently store the ip:port of the remote server.  This precludes tokens from
being used after a host's ip is changed.  Tokens should store the hostname used to make the
RPC connection.  This will enable new processes to use their existing tokens.

This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message