hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Todd Lipcon (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-2904) HA: Client support for getting delegation tokens to an HA cluster
Date Fri, 24 Feb 2012 18:53:48 GMT

    [ https://issues.apache.org/jira/browse/HDFS-2904?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13215812#comment-13215812

Todd Lipcon commented on HDFS-2904:

bq. I think we should not couple the idea of logical uri with the failover proxy configuration.
For example, someone might want to turnoff ha and not provide failover proxy configurations,
but the logical URIs should continue to work.

This seems similar to your JIRA HDFS-2839, right? I don't disagree with you that it would
be nice to generalize the concept of logical URIs further, but as it stands today, it is not
general - this patch just works with the existing design, rather than seeking to change it.

bq. In the cloneDelegationTokenForLogicalUri, should we clone one more token for the standby
as well for ha configurations?

Not sure I follow what you mean here. Before the ConfiguredFailoverProxyProvider creates a
new proxy, it calls this method to clone the logical-service DT to the physical-address DT
it's about to connect to. So this works with any number of standby nodes.

bq. I think it is a good idea to clone a token for a logical service, to multiple tokens with
underlying service addresses. We should have it irrespective of the failover proxy configuration
i.e. whenever we have a logical uri, we map it to actual service addresses and clone token
for each.
Currently the only thing that can "map to actual service addresses" is the proxy provider.
This is similar to your #1 above. In the case of a ZK-based failover, for example, there is
no list of "actual service addresses" to consult, unless it had explicit registration/deregistration

> HA: Client support for getting delegation tokens to an HA cluster
> -----------------------------------------------------------------
>                 Key: HDFS-2904
>                 URL: https://issues.apache.org/jira/browse/HDFS-2904
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: ha, hdfs client, name-node, security
>    Affects Versions: HA branch (HDFS-1623)
>            Reporter: Todd Lipcon
>            Assignee: Todd Lipcon
>            Priority: Critical
>         Attachments: hdfs-2904.txt, hdfs-2904.txt, hdfs-2904.txt, test-dt.sh
> Currently we have server-side support for delegation tokens in HA, and some tests to
verify it, but the client throws NPEs when trying to fetch a DT. This is because the cluster
doesn't have a single hostname, but instead a logical nameservice name.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message