[
https://issues.apache.org/jira/browse/HADOOP-15978?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16737254#comment-16737254
]
Daryn Sharp commented on HADOOP-15978:
--------------------------------------
I'm back from a nice very long vacation and starting to catch up. Thanks
[~jojochuang] for the review comments!
bq. Does it support rolling restart? ...
Most definitely or we'd never be able to deploy.
bq. add ipc.server.netty.enable in core-default.xml
I'd prefer not adding/documenting, yet, but rather regard as "experimental" as
indicated in comments until the later patches. However I will add now if you
feel strongly about it.
bq. shading: ....
I admit complete ignorance and will defer to your patch, thanks! Regarding
later comment on hbase issues with a shade prefix of "hrpc.", is the imposed
requirement to always prefix with o.a.h.?
bq. Do we always want to use EpollServerSocketChannel for Linux? The similar
netty initialization in HBase asyncfs implementation checks if the os.arch is
amd64.
I'd say yes due to performance. Explicitly checking the arch is brittle when
{{Epoll.isAvailable()}} will support any current or future arch with epoll.
(Netty should have hidden the various arch specific impls with a
{{NativeServerSocketChannel}} interface...)
bq. Does it require netty-transport-native-epoll ...
Yes. I originally had a dep, not sure why I removed it. The native transport
was used during testing so the dep came in somehow... Will look into it.
bq. Once TLS is implemented and enabled, what configuration or additional
preparation will be required? It seems both client and server will require
generating additional certificates.
This will arrive in the later subtasks. Briefly, and we can further discuss on
the other jiras, intention is:
# server-side option if TLS is disabled, optional, or mandatory – using a
facility much like the {{SaslPropertiesResolver}} to support requirements for
mixed environments
# client/server cert location – leverage existing
{{server-\{client,server\}.xml}} resources
# client-side option for optimistic TLS, otherwise switch to TLS if server’s
NEGOTIATE response requests TLS (optional or mandatory)
Are you still reviewing the implementation? Or is addressing the cited issues
(including pre-commit dings) sufficient?
> Add Netty support to the RPC server
> -----------------------------------
>
> Key: HADOOP-15978
> URL: https://issues.apache.org/jira/browse/HADOOP-15978
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: ipc, security
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Priority: Major
> Attachments: HADOOP-15978.patch, HADOOP-15978.shade.patch
>
>
> Adding Netty will allow later using a native TLS transport layer with much
> better performance than that offered by Java's SSLEngine.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
