hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jakob Homan (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-1150) Verify datanodes' identities to clients in secure clusters
Date Thu, 31 Mar 2011 23:48:06 GMT

    [ https://issues.apache.org/jira/browse/HDFS-1150?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13014301#comment-13014301
] 

Jakob Homan commented on HDFS-1150:
-----------------------------------

Nicholas-
  Regarding the packaging question you asked yesterday (open-source development and collaboration
sometimes does have a bit of lag), you raise a good point that wasn't addressed by the original
patch.  As you can see, this patch was written in the middle of the security work under tight
deadlines.  There is certainly room for improvement.  I will file a follow-up JIRA we and
we can improve this.  After you noticed this, I spoke with Allen yesterday to brainstorm ways
to improve it, hopefully as part of the ongoing packaging discussions, but would love to have
your input. 
  As far as Windows goes, as pointed out above, we've never supported security under Windows.
 As far as I know, you're the final HDFS developer to be working day to day under a Windows
environment.  Perhaps it's time the community took another look whether or not it's still
worth it to provide this support.  Patches to make new features work under Windows after their
original *nix patches are common; please file one for this, if you like.

> Verify datanodes' identities to clients in secure clusters
> ----------------------------------------------------------
>
>                 Key: HDFS-1150
>                 URL: https://issues.apache.org/jira/browse/HDFS-1150
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: data-node
>    Affects Versions: 0.22.0
>            Reporter: Jakob Homan
>            Assignee: Jakob Homan
>             Fix For: 0.22.0
>
>         Attachments: HDFS-1150-BF-Y20-LOG-DIRS-2.patch, HDFS-1150-BF-Y20-LOG-DIRS.patch,
HDFS-1150-BF1-Y20.patch, HDFS-1150-Y20-BetterJsvcHandling.patch, HDFS-1150-Y20S-Rough-2.patch,
HDFS-1150-Y20S-Rough-3.patch, HDFS-1150-Y20S-Rough-4.patch, HDFS-1150-Y20S-Rough.txt, HDFS-1150-Y20S-ready-5.patch,
HDFS-1150-Y20S-ready-6.patch, HDFS-1150-Y20S-ready-7.patch, HDFS-1150-Y20S-ready-8.patch,
HDFS-1150-trunk-2.patch, HDFS-1150-trunk-3.patch, HDFS-1150-trunk.patch, HDFS-1150-y20.build-script.patch,
RequireSecurePorts.patch, commons-daemon-1.0.2-src.tar.gz, hdfs-1150-bugfix-1.1.patch, hdfs-1150-bugfix-1.2.patch,
hdfs-1150-bugfix-1.patch
>
>
> Currently we use block access tokens to allow datanodes to verify clients' identities,
however we don't have a way for clients to verify the authenticity of the datanodes themselves.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message