Mingliang Liu created AMBARI-16295:
--------------------------------------
Summary: Protecting NameNode from too many connections
Key: AMBARI-16295
URL: https://issues.apache.org/jira/browse/AMBARI-16295
Project: Ambari
Issue Type: Improvement
Reporter: Mingliang Liu
On the HDFS name node (NN) there is a system {{ulimit}} setting for the maximum
open files, which is generally large enough. In extreme cases (large cluster
with burst loads) chances are there are too many connections more than the
limit. In this case, the NN will fail to write edit log to the journal (too
many opened files), and crash ultimately.
It will be very helpful if the Ambari enforces another guard with iptable
(firewall) rules. Iptables allows rate limiting by connections/sec as well as
setting limits on the open connections to a specific port. The latter can be an
aggregate limit or a per remote IP address limit.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
