hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allen Wittenauer (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HDFS-945) Make NameNode resilient to DoS attacks (malicious or otherwise)
Date Fri, 05 Feb 2010 18:01:34 GMT

    [ https://issues.apache.org/jira/browse/HDFS-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12830200#action_12830200
] 

Allen Wittenauer commented on HDFS-945:
---------------------------------------

QoS (which is really what we're talking about here) is better done at the application layer,
IMO.  Passing this work off to an already overworked iptables (which is providing security
since hadoop doesn't have much of any) is an idea that won't scale, esp at Yahoo! levels.

> Make NameNode resilient to DoS attacks (malicious or otherwise)
> ---------------------------------------------------------------
>
>                 Key: HDFS-945
>                 URL: https://issues.apache.org/jira/browse/HDFS-945
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: name-node
>            Reporter: Arun C Murthy
>
> We've seen defective applications cause havoc on the NameNode, for e.g. by doing 100k+
'listStatus' on very large directories (60k files) etc.
> I'd like to start a discussion around how we prevent such, and possibly malicious applications
in the future, taking down the NameNode.
> Thoughts?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message