hadoop-common-issues mailing list archives

From "Daryn Sharp (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-9421) Convert SASL to use ProtoBuf and add lengths for non-blocking processing
Date Tue, 18 Jun 2013 21:38:22 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-9421?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13687233#comment-13687233 ]

Daryn Sharp commented on HADOOP-9421:
-------------------------------------

Per Sanjay's request, here's a quick summary:

This patch does not directly address deficiencies in the negotiation process.  It merely provides
the flexibility to fix them in the near future.  The basic changes are:
* SASL protobufs
* SASL protobufs wrapped with RPC header
* Server advertised SASL auth methods - currently ignored by client

Wrapping SASL negotiation in an RPC header avoids decoding errors.  Ex. A secure client currently
tries to decode a RPC exception from an incompatible connection header as a SASL message.
The client also can't handle a RPC exception mid-stream during SASL negotiation.  The RPC
header allows the server and client to correctly decode the payload.

Using the RPC headers, with the addition of a streamId, will also allow the _future potential_
to multiplex multiple UGIs over the same connection.  Services like the NN can be overwhelmed
by a stampede of connections.  The NM may be an ideal candidate for aggregation of connections,
or even a per-node multiplexor for tasks.

Server advertisement of auth methods aims to address the current limitation of allowing 1
pre-determined auth or simple.  Additional consideration is needed for a client-side whitelist
to avoid the server unexpectedly requesting weak authentication.  In the current patch, the client
ignores the server and blindly attempts the negotiation as it does today.

+Other future features unlocked by this design+
* Brings us much closer to pluggable auth methods w/o changing server and client code
* Client may select a server advertised auth method to:
*# Support services and/or clusters with heterogeneous auth methods (ex. thinking of knox, rhino, etc)
*# *Critical to Y!*: IP failover, especially for HA with kerberos.  The client needs the active NN's host to acquire a service ticket
*# Simplify token selection by using an opaque identifier supplied by the server - will eliminate use_ip, and even the complex HA token logic
*# Support accessing multi-interface hosts on all interfaces
*# Support accessing services via any of their hostnames, ips, or CNAMEs
* Ability to greatly reduce complexity of client/server auth code, and cleanly decouple SASL logic
* As mentioned before, multiplexing of different UGIs over a shared connection
                
> Convert SASL to use ProtoBuf and add lengths for non-blocking processing
> ------------------------------------------------------------------------
>
>                 Key: HADOOP-9421
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9421
>             Project: Hadoop Common
>          Issue Type: Sub-task
>    Affects Versions: 2.0.3-alpha
>            Reporter: Sanjay Radia
>            Assignee: Daryn Sharp
>            Priority: Blocker
>         Attachments: HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421-v2-demo.patch
>
>


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
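The comment above makes two points that are easy to show in code: a typed, length-prefixed RPC header lets the client tell a SASL message from an exception sent mid-negotiation, and a client-side whitelist stops a server from steering the client onto a weaker auth method than it permits. The following is an added illustration, not code from the HADOOP-9421 patch; the frame layout (4-byte length, 1-byte type tag, comma-separated method list) and the method names are constructed for the example and are not Hadoop's wire format.

```python
import struct

# Constructed frame format for this example (not Hadoop's): 4-byte big-endian
# length, then a 1-byte type tag, then the payload. The length covers tag + payload.
SASL_NEGOTIATE = 0   # payload: comma-separated auth methods advertised by the server
RPC_EXCEPTION = 1    # payload: UTF-8 error text the server sent mid-negotiation

# Client-side whitelist in preference order. Methods not listed are never
# negotiated, so the server cannot downgrade the client to something weaker.
CLIENT_ALLOWED = ("KERBEROS", "TOKEN")


def encode_frame(msg_type, payload):
    """Build one frame; used here to construct sample server messages."""
    return struct.pack(">IB", len(payload) + 1, msg_type) + payload


def read_frame(buf):
    """Non-blocking decode: (type, payload, remaining bytes), or None if incomplete."""
    if len(buf) < 4:
        return None
    (length,) = struct.unpack(">I", buf[:4])
    if length < 1 or len(buf) < 4 + length:
        return None          # wait for more bytes instead of guessing at the payload
    body = buf[4:4 + length]
    return body[0], body[1:], buf[4 + length:]


def select_auth(advertised, allowed=CLIENT_ALLOWED):
    """Pick the client's most-preferred method that the server also offers."""
    offered = {m.strip().upper() for m in advertised.split(",") if m.strip()}
    for method in allowed:   # client preference order decides, not server order
        if method in offered:
            return method
    raise ValueError("server offered no acceptable auth method: %s" % sorted(offered))


def handle_server_frame(buf, allowed=CLIENT_ALLOWED):
    """Dispatch on the type tag so an exception is never parsed as a SASL token."""
    frame = read_frame(buf)
    if frame is None:
        return ("INCOMPLETE", None, buf)
    msg_type, payload, rest = frame
    if msg_type == RPC_EXCEPTION:
        return ("ERROR", payload.decode("utf-8"), rest)
    if msg_type == SASL_NEGOTIATE:
        return ("AUTH", select_auth(payload.decode("utf-8"), allowed), rest)
    return ("ERROR", "unknown message type %d" % msg_type, rest)
```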
