[
https://issues.apache.org/jira/browse/HDFS-13541?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16491307#comment-16491307
]
Konstantin Shvachko commented on HDFS-13541:
--------------------------------------------
{quote}I prefer the approach where datanode also listens on two ports, as it
makes the entire approach easy to understand
{quote}
I agree with [~vagarychen] that adding extra port to DNs adds a lot of
complexity to the entire workflow. DNs will need to report to NN both ports
during registration. Then NN will need to selectively return secure or non
secure port to the client depending on the client's connection. It also changes
and complicates configuration of the DNs. I advocate keeping single port on
DNs. Also I think it is logically simpler: NN enforces secure or non secure
communication on the client and it uses it consistently for both NN RPCs and DN
data transfers.
{quote}Encrypting the entire data pipeline is not necessary. I believe, it
should be optimized{quote}
Not sure if it is an optimization. If DN1 receives and encrypted packet it can
send it down to DN2 without any transformation encrypted as it is. As opposed
to decrypting the packet on DN1 and sending it un-encrypted to DN2. So just
keep the pipeline ALL encrypted or ALL not encrypted.
> NameNode Port based selective encryption
> ----------------------------------------
>
> Key: HDFS-13541
> URL: https://issues.apache.org/jira/browse/HDFS-13541
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: datanode, namenode, security
> Reporter: Chen Liang
> Assignee: Chen Liang
> Priority: Major
> Attachments: NameNode Port based selective encryption-v1.pdf
>
>
> Here at LinkedIn, one issue we face is that we need to enforce different
> security requirement based on the location of client and the cluster.
> Specifically, for clients from outside of the data center, it is required by
> regulation that all traffic must be encrypted. But for clients within the
> same data center, unencrypted connections are more desired to avoid the high
> encryption overhead.
> HADOOP-10221 introduced pluggable SASL resolver, based on which HADOOP-10335
> introduced WhitelistBasedResolver which solves the same problem. However we
> found it difficult to fit into our environment for several reasons. In this
> JIRA, on top of pluggable SASL resolver, *we propose a different approach of
> running RPC two ports on NameNode, and the two ports will be enforcing
> encrypted and unencrypted connections respectively, and the following
> DataNode access will simply follow the same behaviour of
> encryption/unencryption*. Then by blocking unencrypted port on datacenter
> firewall, we can completely block unencrypted external access.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
