[
https://issues.apache.org/jira/browse/HADOOP-7510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13096181#comment-13096181
]
Jitendra Nath Pandey commented on HADOOP-7510:
----------------------------------------------
> Hftp requests appear to be handled..
Agreed that Hftp should not have an issue because DN resets the service.
However, there could be a usecase where we run into this issue. For example: A
job is launched on cluster running new version and some of its tasks submit a
job on a cluster running older version. I admit this is a contrived use case
and may not exist anywhere. But that makes me worried that we might end up
breaking something.
Can we take following approach (Thanks to Owen and Suresh!)
# Don't change the service in the token and keep it ip:port
# Cache a map in TokenSelectors which maps ipNew to ipOld. Cache entry can be
purged after a token lifetime.
# Token selector matches the new ip, if that doesn't work, it also tries old
ip, if that exists.
The cache will have an entry only if there is an ip failover, otherwise the
TokenSelectors will behave exactly as they are doing today. Another plus is
that tokens don't change at all.
> Tokens should use original hostname provided instead of ip
> ----------------------------------------------------------
>
> Key: HADOOP-7510
> URL: https://issues.apache.org/jira/browse/HADOOP-7510
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Fix For: 0.20.205.0
>
> Attachments: HADOOP-7510.patch
>
>
> Tokens currently store the ip:port of the remote server. This precludes
> tokens from being used after a host's ip is changed. Tokens should store the
> hostname used to make the RPC connection. This will enable new processes to
> use their existing tokens.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
