[jira] [Commented] (HDFS-2665) Viewfs changes for MAPREDUCE-3529

[Hadoop QA (Commented) (JIRA)]

    [ 
https://issues.apache.org/jira/browse/HDFS-2665?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13173530#comment-13173530
 ] 

Hadoop QA commented on HDFS-2665:
---------------------------------

-1 overall.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12508130/HDFS2665_v1.txt
  against trunk revision .

    +1 @author.  The patch does not contain any @author tags.

    +1 tests included.  The patch appears to include 6 new or modified tests.

    -1 patch.  The patch command could not apply the patch.

Console output: https://builds.apache.org/job/PreCommit-HDFS-Build/1735//console

This message is automatically generated.
                
> Viewfs changes for MAPREDUCE-3529
> ---------------------------------
>
>                 Key: HDFS-2665
>                 URL: https://issues.apache.org/jira/browse/HDFS-2665
>             Project: Hadoop HDFS
>          Issue Type: Bug
>    Affects Versions: 0.23.0
>            Reporter: Siddharth Seth
>            Priority: Critical
>         Attachments: HDFS2665_v1.txt, HDFS2665_v1.txt
>
>
> ViewFs.getDelegationTokens returns a list of tokens for the associated 
> namenodes. Credentials serializes these tokens using the service name for the 
> actual namenodes. Effectively, tokens are not cached for viewfs (some more 
> details in MR 3529). Affects any job which uses the TokenCache in tasks along 
> with viewfs (some Pig jobs).
> Talk to Jitendra about this, some options
> 1. Change Credentials.getAllTokens to return the key, instead of just a token 
> list (associate the viewfs canonical name with a token in credentials)
> 2. Have viewfs issue a fake token.
> Both of these would allow for a single viewfs configuration only.
> 3. An additional API in FileSystem - something like 
> getDelegationTokens(String renewer, Credentials credentials) - which would 
> check the credentials object before making token requests to the actual 
> namenode.
> 4. An additional API in FileSystem - getCanonicalServiceNames - similar to 
> getDelegationTokens, which would return service names for the actual 
> namenodes. TokenCache/Credentials can work using this list.
> 5. have getDelegationTokens check the current UGI - and fetch tokens only if 
> they don't exist.
> Have a quick patch for 3, along with associated MR changes.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira