hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron T. Myers (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-3893) QJM: Make QJM work with security enabled
Date Thu, 06 Sep 2012 01:32:07 GMT

     [ https://issues.apache.org/jira/browse/HDFS-3893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Aaron T. Myers updated HDFS-3893:
---------------------------------

    Attachment: HDFS-3893.patch

Thanks a lot for the review, Todd. Here's a patch which should address your comments.

bq. Can you refactor the code which lists all of the NN principals in the configuration into
a new method in HAUtil perhaps? eg HAUtil.getAllNamenodePrincipals? Or if it seems better,
one that returns a list of Configurations, one for each NN in the cluster? HAUtil.getAllNameNodeConfs().
Seems like a lot of code to inline here in the context of this servlet.

Refactored this into DFSUtil#getAllNnPrincipals. I put it in DFSUtil since it's not really
HA-specific.

bq. Can you explain why we have two different principals, one for RPC and one for SPNEGO?
i.e what is "DFS_JOURNALNODE_INTERNAL_SPNEGO_USER_NAME_KEY"? I know I put it there in the
first place, but I was just cargo-culting and could stand to learn something here.

The issue is that the HTTP server _must_ log in as a principal whose first component is "HTTP".
This is part of the SPNEGO spec, and cannot be deviated from. I suppose we could have the
JN do all of its other work as the "HTTP" principal, but that seems a little bizarre.

bq. The SecurityUtil stuff in EditLogFileInputStream is a little gross. I wouldn't expect
to see it at this layer, especially not with the login user. I think a slight improvement
would be UserGroupInformation.getCurrentUser().doAs() so that we support non-login-user access
if a daemon has multiple principals associated. Better would be to figure out who the callers
are and make sure that their main loops are properly authenticated (eg how EditLogTailer has
a doAs around its loop).

Changed it to use the current user instead of the login user.

bq. In the NN, do we also need to add login calls for initializeSharedEdits and bootstrapStandby?

BootstrapStandby was already taking care of this, but you're right that it now needs to be
there for the initializeSharedEdits command. The latest patch fixes this. Good catch.
                
> QJM: Make QJM work with security enabled
> ----------------------------------------
>
>                 Key: HDFS-3893
>                 URL: https://issues.apache.org/jira/browse/HDFS-3893
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: name-node, security
>    Affects Versions: QuorumJournalManager (HDFS-3077)
>            Reporter: Aaron T. Myers
>            Assignee: Aaron T. Myers
>         Attachments: HDFS-3893.patch, HDFS-3893.patch
>
>
> Currently the QJM does not work when security is enabled. The quorum cannot be formatted,
the NN and SBN cannot communicate with the JNs, and JNs cannot synchronize edit logs with
each other.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message