Return-Path: X-Original-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id F25DD780C for ; Thu, 8 Sep 2011 19:38:31 +0000 (UTC) Received: (qmail 42014 invoked by uid 500); 8 Sep 2011 19:38:31 -0000 Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org Received: (qmail 41948 invoked by uid 500); 8 Sep 2011 19:38:30 -0000 Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-issues@hadoop.apache.org Delivered-To: mailing list common-issues@hadoop.apache.org Received: (qmail 41940 invoked by uid 99); 8 Sep 2011 19:38:30 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 08 Sep 2011 19:38:30 +0000 X-ASF-Spam-Status: No, hits=-2000.5 required=5.0 tests=ALL_TRUSTED,RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 08 Sep 2011 19:38:29 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id 1604089190 for ; Thu, 8 Sep 2011 19:38:09 +0000 (UTC) Date: Thu, 8 Sep 2011 19:38:09 +0000 (UTC) From: "Daryn Sharp (JIRA)" To: common-issues@hadoop.apache.org Message-ID: <577564191.4581.1315510689086.JavaMail.tomcat@hel.zones.apache.org> In-Reply-To: <483574068.6147.1312408047400.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Commented] (HADOOP-7510) Tokens should use original hostname provided instead of ip MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HADOOP-7510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13100629#comment-13100629 ] Daryn Sharp commented on HADOOP-7510: ------------------------------------- To address your concerns: # You can use "mapreduce.job.hdfs-servers" to specify a list of paths for which to get delegation tokens on the remote cluster. 2) The behavior is pretty well defined in the javadocs for InetAddress and InetSocketAddress. 3) True, but are the other 205 changes not risky? The append code is risky, the sync code is risky, the block receiver changes are risky, the lease renewal changes are risky, etc. This are arguably more likely to fail in subtle ways, whereas if the tokens don't match, the system flat out breaks. I'm not sure I understand why you think I'm not using standard java apis. The calls are all documented and the behavior is standard. I'm open to other means of determining -exactly- what string was used to instantiate the InetSocketAddress. In Java 7, it's called {{getHostString()}}. How about if I add a config option to control whether the new behavior in this patch is enabled? > Tokens should use original hostname provided instead of ip > ---------------------------------------------------------- > > Key: HADOOP-7510 > URL: https://issues.apache.org/jira/browse/HADOOP-7510 > Project: Hadoop Common > Issue Type: Improvement > Components: security > Reporter: Daryn Sharp > Assignee: Daryn Sharp > Fix For: 0.20.205.0 > > Attachments: HADOOP-7510-2.patch, HADOOP-7510-3.patch, HADOOP-7510.patch > > > Tokens currently store the ip:port of the remote server. This precludes tokens from being used after a host's ip is changed. Tokens should store the hostname used to make the RPC connection. This will enable new processes to use their existing tokens. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira