[jira] Updated: (HDFS-1357) HFTP traffic served by DataNode shouldn't use service port on NameNode

Thu, 26 Aug 2010 17:18:18 -0700 

     [ 
https://issues.apache.org/jira/browse/HDFS-1357?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kan Zhang updated HDFS-1357:
----------------------------

    Attachment: h1357-01.patch

Attach a small patch that changes HFTP operations on Datanodes to use the 
client port on NN. Manually verified the patch on a single node cluster. 
Without this patch, if one specifies an additional service port 8022 for 
namenode and security is turned on, client HFTP request would fail and in 
datanode log one would see the following (no delegation token was found and the 
RPC client defaults to using Kerberos and then fails). With this patch, client 
HFTP request succeeds.

{noformat}
2010-08-26 23:33:18,338 WARN org.mortbay.log: /streamFile/input1/core-site.xml: 
java.io.IOException: Call to namenode-domain-name:8022 failed on local 
exception: java.io.IOException: javax.security.sasl.SaslException: GSS initiate 
failed [Caused by GSSException: No valid credentials provided (Mechanism level: 
Failed to find any Kerberos tgt)]
{noformat}

> HFTP traffic served by DataNode shouldn't use service port on NameNode 
> -----------------------------------------------------------------------
>
>                 Key: HDFS-1357
>                 URL: https://issues.apache.org/jira/browse/HDFS-1357
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: data-node, security
>            Reporter: Kan Zhang
>            Assignee: Kan Zhang
>         Attachments: h1357-01.patch
>
>
> HDFS-599 introduced a new service port on NameNode to separate system traffic 
> (e.g., heartbeats/blockreports) from client file access requests so that they 
> can be prioritized.  All Datanode traffic now goes to the service port. 
> However, datanode also serves as a proxy for HFTP requests from client 
> (served by StreamFile servlet). These HFTP traffic should continue to use the 
> client port on NameNode. Moreover, using the service port for HFTP is 
> incompatible with the existing way of selecting delegation tokens.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to