hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yongjun Zhang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-7036) HDFS-6776 fix requires to upgrade insecure cluster, which means quite some user pain
Date Wed, 24 Sep 2014 22:59:34 GMT

    [ https://issues.apache.org/jira/browse/HDFS-7036?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14147038#comment-14147038
] 

Yongjun Zhang commented on HDFS-7036:
-------------------------------------

Hi [~wheat9],

One example I described several times and in my previous comment is issuing {{hadoop fs -ls
<insecureCluster>}} from secure cluster side. It's broken for the same reason. Do you
suggest to hack the fsshell too or leave it as broken as is?  In addition, imagine user could
write their own applications to access data in both secure and insecure cluster.

Would you please provide some *concrete" example of potential damage?

Thanks.










> HDFS-6776 fix requires to upgrade insecure cluster, which means quite some user pain
> ------------------------------------------------------------------------------------
>
>                 Key: HDFS-7036
>                 URL: https://issues.apache.org/jira/browse/HDFS-7036
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: webhdfs
>    Affects Versions: 2.5.1
>            Reporter: Yongjun Zhang
>            Assignee: Yongjun Zhang
>         Attachments: HDFS-7036.001.patch
>
>
> Issuing command
> {code}
>  hadoop fs -lsr webhdfs://<insecureCluster>
> {code}
> at a secure cluster side fails with message "Failed to get the token ...", similar symptom
as reported in HDFS-6776.
> If the fix of HDFS-6776 is applied to only the secure cluster, doing 
> {code}
> distcp webhdfs://<insecureCluster> <secureCluster>
> {code}
> would fail same way.
> Basically running any application in secure cluster to access insecure cluster via webhdfs
would fail the same way, if the HDFS-6776 fix is not applied to the insecure cluster.
> This could be quite some user pain. Filing this jira for a solution to make user's life
easier.
> One proposed solution was to add a msg-parsing mechanism in webhdfs, which is a bit hacky.
The other proposed solution is to do the same kind of hack at application side, which means
the same hack need to be applied in each application.
> Thanks [~daryn], [~wheat9], [~jingzhao], [~tucu00] and [~atm] for the discussion in HDFS-6776.
>  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message