hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nauroth (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-6859) Allow dfs.data.transfer.protection default to hadoop.rpc.protection
Date Mon, 18 Aug 2014 19:59:20 GMT

     [ https://issues.apache.org/jira/browse/HDFS-6859?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Chris Nauroth updated HDFS-6859:
--------------------------------

    Resolution: Won't Fix
        Status: Resolved  (was: Patch Available)

Hi, [~benoyantony].  Unfortunately, I don't think we can implement this change for reasons
of compatibility.

At runtime, it's important that a DataNode is using either a privileged port or SASL on DataTransferProtocol,
but not both.  The client checks the port number of the DataNode it's connecting to.  It only
tries SASL if the port is a non-privileged port.  This is important in scenarios like switching
an existing cluster from using root to using SASL.  When that happens, you could temporarily
have a state where there is a mix of some DataNodes using root and other DataNodes using SASL.
 Thus, the client needs a clear way to determine whether or not to try SASL.  This is discussed
more fully in this comment from HDFS-2856:

https://issues.apache.org/jira/browse/HDFS-2856?focusedCommentId=13988389&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13988389

The problem with the change proposed here is that existing clusters would have hadoop.rpc.protection
configured, and therefore they would automatically get dfs.data.transfer.protection when they
upgrade HDFS software.  This would make the DataNode think it needs to use SASL, even though
it's still configured to run on a privileged port.

We actually reject attempts to configure both a privileged port and SASL simultaneously for
this very reason.  See {{DataNode#checkSecureConfig}}, which aborts during startup if it finds
this kind of configuration.

I'm going to resolve this as won't fix, but please feel free to reopen if you have another
take on this.  Thanks!

> Allow dfs.data.transfer.protection default to hadoop.rpc.protection
> -------------------------------------------------------------------
>
>                 Key: HDFS-6859
>                 URL: https://issues.apache.org/jira/browse/HDFS-6859
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 2.5.0
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>            Priority: Minor
>         Attachments: HDFS-6859.patch
>
>
> Currently administrator needs to configure both _dfs.data.transfer.protection_ and _hadoop.rpc.protection_
to specify _QOP_ for rpc and data transfer protocols. In some cases, the values for these
two properties will be same. In those cases, it may be easier to allow dfs.data.transfer.protection
default to hadoop.rpc.protection.
> This also ensures that an admin will get QOP as _Authentication_ if admin  does not specify
either of those values.
> Separate jiras  (HDFS-6858 and HDFS-6859) are created for dfs.data.transfer.saslproperties.resolver.class
and dfs.data.transfer.protection respectively.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message