[
https://issues.apache.org/jira/browse/HADOOP-11656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15973641#comment-15973641
]
Sangjin Lee commented on HADOOP-11656:
--------------------------------------
bq. I may be able to work around it by patching out the bundled deps for Fedora
builds...
You can do that only so much from your side. Maybe swapping 1.2.3 of something
with 1.2.4 would work, but the Hadoop community cannot guarantee that things
will work if the version jump is sufficiently large.
{quote}
If I'm understanding the situation correctly, perhaps there's a better way to
resolve dependency convergence issues? I've found that often, just following
semantic versioning, and keeping dependencies reasonably up-to-date resolves
most issues.
{quote}
As [~steve_l] noted, it's not so simple as adopting semantic versioning etc.
I'd be the first to acknowledge that the current set of dependency versions is
hopelessly outdated. But we have been very conservative for fear of causing
more issues by upgrading for downstream users and frameworks. The 3.0 timeframe
gives us a window to make these changes that will insulate downstream from
Hadoop and vice versa.
bq. But right now we don't have any way to stop changes in Hadoop's
dependencies from breaking things downstream.
I would disagree with this statement. Shading is only *one* mechanism of
isolating classpaths. The other commonly used mechanism is to have an isolating
classloader, like a servlet webapp classloader. Hadoop has had this for many
years, and folks have been using it with success. And it doesn't involve
rewriting classes at build time.
We've been working on making it stricter for 3.0 so that we can finally
separate the Hadoop classpath from the user classpath, thereby freeing Hadoop
to evolve its dependencies without worrying about users' dependencies. See
HADOOP-13070 and HADOOP-13398. IMO, we should keep the isolating classloader
feature for 3.0 and get that done for the container runtime at least.
> Classpath isolation for downstream clients
> ------------------------------------------
>
> Key: HADOOP-11656
> URL: https://issues.apache.org/jira/browse/HADOOP-11656
> Project: Hadoop Common
> Issue Type: New Feature
> Reporter: Sean Busbey
> Assignee: Sean Busbey
> Priority: Blocker
> Labels: classloading, classpath, dependencies, scripts, shell
> Attachments: HADOOP-11656_proposal.md
>
>
> Currently, Hadoop exposes downstream clients to a variety of third party
> libraries. As our code base grows and matures we increase the set of
> libraries we rely on. At the same time, as our user base grows we increase
> the likelihood that some downstream project will run into a conflict while
> attempting to use a different version of some library we depend on. This has
> already happened with i.e. Guava several times for HBase, Accumulo, and Spark
> (and I'm sure others).
> While YARN-286 and MAPREDUCE-1700 provided an initial effort, they default to
> off and they don't do anything to help dependency conflicts on the driver
> side or for folks talking to HDFS directly. This should serve as an umbrella
> for changes needed to do things thoroughly on the next major version.
> We should ensure that downstream clients
> 1) can depend on a client artifact for each of HDFS, YARN, and MapReduce that
> doesn't pull in any third party dependencies
> 2) only see our public API classes (or as close to this as feasible) when
> executing user provided code, whether client side in a launcher/driver or on
> the cluster in a container or within MR.
> This provides us with a double benefit: users get less grief when they want
> to run substantially ahead or behind the versions we need and the project is
> freer to change our own dependency versions because they'll no longer be in
> our compatibility promises.
> Project specific task jiras to follow after I get some justifying use cases
> written in the comments.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
