hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eli Collins (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HDFS-945) Make NameNode resilient to DoS attacks (malicious or otherwise)
Date Wed, 03 Feb 2010 19:45:28 GMT

    [ https://issues.apache.org/jira/browse/HDFS-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12829219#action_12829219
] 

Eli Collins commented on HDFS-945:
----------------------------------

Let's keep this jira to mechanism, can discuss policy (eg defaults) later. If we really want
to prevent DoS then HDFS needs some notion of QOS reservations (and even then you can just
use more clients with different IPs etc). I suspect for now it's best to try to limit the
impact of any one operation (eg lsr /), and then rate limit operations by client. Agree with
Todd about focusing on the non-malicious use case first.

> Make NameNode resilient to DoS attacks (malicious or otherwise)
> ---------------------------------------------------------------
>
>                 Key: HDFS-945
>                 URL: https://issues.apache.org/jira/browse/HDFS-945
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: name-node
>            Reporter: Arun C Murthy
>
> We've seen defective applications cause havoc on the NameNode, for e.g. by doing 100k+
'listStatus' on very large directories (60k files) etc.
> I'd like to start a discussion around how we prevent such, and possibly malicious applications
in the future, taking down the NameNode.
> Thoughts?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message