[
https://issues.apache.org/jira/browse/HADOOP-7510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13099036#comment-13099036
]
Daryn Sharp commented on HADOOP-7510:
-------------------------------------
I think there's critical flaw with trying to maintain a mapping that I forgot
to mention. Kihwal and I explored this approach about a month ago, but
abandoned it due to too many problems. The mapping works iff a process is
running when the ip changes. Example:
* JT acquires the tokens with a given ip. The ip changes at some point during
the job. The JT is a long running process so it could detect the change and
maintain a mapping.
* Tasks that are running prior to the ip change could detect and use their own
mapping.
* New tasks spawned after the ip change will fail. They not aware of the ip
change so they cannot find the token in their cache with the old ip.
If you have an elegant approach to solve this issue, we can discuss further
issues with a mapping.
> Tokens should use original hostname provided instead of ip
> ----------------------------------------------------------
>
> Key: HADOOP-7510
> URL: https://issues.apache.org/jira/browse/HADOOP-7510
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Fix For: 0.20.205.0
>
> Attachments: HADOOP-7510.patch
>
>
> Tokens currently store the ip:port of the remote server. This precludes
> tokens from being used after a host's ip is changed. Tokens should store the
> hostname used to make the RPC connection. This will enable new processes to
> use their existing tokens.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
