[jira] Commented: (HADOOP-6632) Support for using different Kerberos keys for different instances of Hadoop services

[Hadoop QA (JIRA)]

    [ 
https://issues.apache.org/jira/browse/HADOOP-6632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12890104#action_12890104
 ] 

Hadoop QA commented on HADOOP-6632:
-----------------------------------

-1 overall.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12449900/c6632-07.patch
  against trunk revision 965556.

    +1 @author.  The patch does not contain any @author tags.

    +1 tests included.  The patch appears to include 6 new or modified tests.

    -1 javadoc.  The javadoc tool appears to have generated 1 warning messages.

    +1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

    +1 findbugs.  The patch does not introduce any new Findbugs warnings.

    +1 release audit.  The applied patch does not increase the total number of 
release audit warnings.

    +1 core tests.  The patch passed core unit tests.

    +1 contrib tests.  The patch passed contrib unit tests.

Test results: 
http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/624/testReport/
Findbugs warnings: 
http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/624/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Checkstyle results: 
http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/624/artifact/trunk/build/test/checkstyle-errors.html
Console output: 
http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/624/console

This message is automatically generated.

> Support for using different Kerberos keys for different instances of Hadoop 
> services
> ------------------------------------------------------------------------------------
>
>                 Key: HADOOP-6632
>                 URL: https://issues.apache.org/jira/browse/HADOOP-6632
>             Project: Hadoop Common
>          Issue Type: Improvement
>            Reporter: Kan Zhang
>            Assignee: Kan Zhang
>         Attachments: 6632.mr.patch, c6632-05.patch, c6632-07.patch, 
> HADOOP-6632-Y20S-18.patch, HADOOP-6632-Y20S-22.patch
>
>
> We tested using the same Kerberos key for all datanodes in a HDFS cluster or 
> the same Kerberos key for all TaskTarckers in a MapRed cluster. But it 
> doesn't work. The reason is that when datanodes try to authenticate to the 
> namenode all at once, the Kerberos authenticators they send to the namenode 
> may have the same timestamp and will be rejected as replay requests. This 
> JIRA makes it possible to use a unique key for each service instance.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.