[
https://issues.apache.org/jira/browse/HADOOP-15977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16927577#comment-16927577
]
Daryn Sharp commented on HADOOP-15977:
--------------------------------------
Just an update, we've had the netty client/server enabled for most of the year
on all production clusters. It's been surprisingly stable sans a few netty
bugs requiring a workaround. There's couple minor issues I need to address
before porting to community.
In April, TLS was enabled with an optional policy on all servers (ie. NN, RM,
DN, NM, etc). Only non-production clients were configured to do TLS
negotiation. Notably a 4.2k node cluster has been fully encrypted (except task
-> AM communication due to lack of cert) since Apr. It comfortably handles
average ~30k ops/sec with bursts well over 100k ops/sec.
> RPC support for TLS
> -------------------
>
> Key: HADOOP-15977
> URL: https://issues.apache.org/jira/browse/HADOOP-15977
> Project: Hadoop Common
> Issue Type: Improvement
> Components: ipc, security
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Priority: Major
>
> Umbrella ticket to track adding TLS and mutual TLS support to RPC.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
