hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron T. Myers (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8247) Auto-HA: add a config to enable auto-HA, which disables manual FC
Date Fri, 06 Apr 2012 20:25:22 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8247?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13248724#comment-13248724
] 

Aaron T. Myers commented on HADOOP-8247:
----------------------------------------

{quote}
Add a new flag dfs.ha.automatic-failover.enabled, which is set per-nameservice or globally
Add a new RequestInfo structure as a parameter to all the HAServiceProtocol methods. This
currently just has one field, which indicates what type of client the request is on behalf
of. It can either be a user (manual CLI failover), ZKFC (auto failover), or USER_FORCE –
indicating that it's a user who wants to avoid this safety check.
In the NN, if auto-failover is enabled, disallow HA requests from users. If it's not enabled,
disallow HA requests from ZKFCs.
In the ZKFC, disallow startup if auto-failover is disabled
{quote}

All this makes a lot of sense to me, Todd. The only question I have is whether or not it really
makes sense to add a RequestInfo structure, instead of just an extra parameter whose value
is defined by a simple 3-element enum. What else do you envision being added to the RequestInfo
structure?
                
> Auto-HA: add a config to enable auto-HA, which disables manual FC
> -----------------------------------------------------------------
>
>                 Key: HADOOP-8247
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8247
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: auto-failover, ha
>    Affects Versions: Auto Failover (HDFS-3042)
>            Reporter: Todd Lipcon
>            Assignee: Todd Lipcon
>         Attachments: hadoop-8247.txt
>
>
> Currently, if automatic failover is set up and running, and the user uses the "haadmin
-failover" command, he or she can end up putting the system in an inconsistent state, where
the state in ZK disagrees with the actual state of the world. To fix this, we should add a
config flag which is used to enable auto-HA. When this flag is set, we should disallow use
of the haadmin command to initiate failovers. We should refuse to run ZKFCs when the flag
is not set. Of course, this flag should be scoped by nameservice.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

Mime
View raw message