On Tue, May 10, 2011 at 10:24 PM, Devaraj Das <[email protected]> wrote:
> I can't think of any major user-facing incompatibilities other than the > users having to run a 'kinit' when they are working with a secure Hadoop > cluster (of course the admins need to do more work in order to set up a > secure cluster). By far the most significant incompatibility that I've seen from a user perspective is that setting hadoop.job.ugi no longer has any effect. Granted, this interface wasn't used by a large percentage of users, but those that were using it have no other alternative that is as flexible as this was. There was discussion about this incompatibility last September on the mailing lists[1]. The conclusion there was that supporting backward compatibility for this interface was too difficult, semantically and technically, to warrant support. This incompatibility is present whether or not Kerberos support is enabled on the cluster. I totally agree that the pain of upgrading to 0.20 security was felt substantially more by admins/operators than by users. -- Aaron T. Myers Software Engineer, Cloudera [1] http://mail-archives.apache.org/mod_mbox/hadoop-general/201009.mbox/%[email protected]%3E
