[
https://issues.apache.org/jira/browse/HADOOP-11656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14347174#comment-14347174
]
Sean Busbey commented on HADOOP-11656:
--------------------------------------
I don't see how we can do this compatibly. Even defaulting to use the
application classloader will break some downstream projects. Certainly going
the step farther to make sure we also only expose our API to them, wether via
an OSGi container or not, will break even more of them.
I can understand the desire to have a compatible version of this in the 2.x
line. Probably the option to have it off would make the most sense for that.
However, this kind of isolation is something we _should_ be doing. The reason
to focus first on a breaking version is so we can have doing things correctly
staked to some point in the future.
There are plenty of ways we can make the transition easier for downstream
folks. I've already mentioned giving upgrade docs that include maven pom
changes needed to get the same set of dependencies. As you mention, we could
also include some option toggle that says "I want to see the framework
libraries." I happen to think this is a bad idea because it leads straight back
to where we are now. In any case, either of these mitigations require
downstream projects to change what they are doing, which sounds incompatible to
me.
> Classpath isolation for downstream clients
> ------------------------------------------
>
> Key: HADOOP-11656
> URL: https://issues.apache.org/jira/browse/HADOOP-11656
> Project: Hadoop Common
> Issue Type: New Feature
> Reporter: Sean Busbey
> Assignee: Sean Busbey
> Labels: classloading, classpath, dependencies
>
> Currently, Hadoop exposes downstream clients to a variety of third party
> libraries. As our code base grows and matures we increase the set of
> libraries we rely on. At the same time, as our user base grows we increase
> the likelihood that some downstream project will run into a conflict while
> attempting to use a different version of some library we depend on. This has
> already happened with i.e. Guava several times for HBase, Accumulo, and Spark
> (and I'm sure others).
> While YARN-286 and MAPREDUCE-1700 provided an initial effort, they default to
> off and they don't do anything to help dependency conflicts on the driver
> side or for folks talking to HDFS directly. This should serve as an umbrella
> for changes needed to do things thoroughly on the next major version.
> We should ensure that downstream clients
> 1) can depend on a client artifact for each of HDFS, YARN, and MapReduce that
> doesn't pull in any third party dependencies
> 2) only see our public API classes (or as close to this as feasible) when
> executing user provided code, whether client side in a launcher/driver or on
> the cluster in a container or within MR.
> This provides us with a double benefit: users get less grief when they want
> to run substantially ahead or behind the versions we need and the project is
> freer to change our own dependency versions because they'll no longer be in
> our compatibility promises.
> Project specific task jiras to follow after I get some justifying use cases
> written in the comments.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
