[
https://issues.apache.org/jira/browse/HADOOP-4198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12636746#action_12636746
]
dhruba borthakur commented on HADOOP-4198:
------------------------------------------
Can somebody please explain why we do not need this patch anymore?
> DFSClient should do lease recovery using data transfer port.
> ------------------------------------------------------------
>
> Key: HADOOP-4198
> URL: https://issues.apache.org/jira/browse/HADOOP-4198
> Project: Hadoop Core
> Issue Type: Bug
> Components: dfs
> Affects Versions: 0.18.0
> Reporter: Konstantin Shvachko
> Assignee: Tsz Wo (Nicholas), SZE
> Priority: Blocker
> Fix For: 0.18.2
>
> Attachments: 4198_20080917.patch, 4198_20080917b.patch,
> 4198_20080917b_0.18.patch, 4198_20080918.patch, 4198_20080918_0.18.patch
>
>
> HADOOP-3283 introduced {{dfs.datanode.ipc.address}} which defines where the
> data-node rpc server runs.
> The rpc server on a data-node is used only for lease recovery (HADOOP-3310).
> Lease recovery can be initialized by a name-node or by a client.
> The problem was reported if lease recovery is initialized by a client running
> on an untrusted host.
> The port that the http server runs on is closed for the outside use and
> therefore lease recovery fails.
> Production level security model assumes that data-nodes are run on trusted
> nodes and therefore it is safe to have ports open for inter data-node
> communication.
> HDFS clients can run on arbitrary nodes and according to the security model
> can access only the ports that are externally open.
> We propose to use the standard data node port for lease recovery, which means
> that lease recovery will use {{DataXceiver}} and data transfer protocol
> rather than {{ClientDatanodeProtocol}}.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
