[
https://issues.apache.org/jira/browse/HDFS-13492?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16448964#comment-16448964
]
Wei-Chiu Chuang commented on HDFS-13492:
----------------------------------------
Rev001:
Updated ssl-server.xml and server.xml:
{code:java}
<Connector address="${httpfs.http.hostname}" ...
{code}
Tomcat 6 supports this parameter per
[https://tomcat.apache.org/tomcat-6.0-doc/config/http.html] but we didn't add
this parameter before.
For httpfs server, httpfs.http.hostname comes from environment variable
HTTPFS_HTTP_HOSTNAME. After this parameter is passed in
(HTTPFS_HTTP_HOSTNAME=127.0.0.1), only local connection is accepted.
Tested successfully on a CDH5.13.1 cluster.
No unit test attached, because it is Tomcat configuration change and unittest
doesn't help much.
> Limit httpfs binds to certain IP addresses in branch-2
> ------------------------------------------------------
>
> Key: HDFS-13492
> URL: https://issues.apache.org/jira/browse/HDFS-13492
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: httpfs
> Affects Versions: 2.6.0
> Reporter: Wei-Chiu Chuang
> Assignee: Wei-Chiu Chuang
> Priority: Major
> Attachments: HDFS-13492.branch-2.001.patch
>
>
> Currently httpfs binds to all IP addresses of the host by default. Some
> operators want to limit httpfs to accept only local connections.
> We should provide that option, and it's pretty doable in Hadoop 2.x.
> Note that httpfs underlying implementation changed in Hadoop 3, and the Jetty
> based httpfs implementation already support that I believe.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
