Repository: hadoop
Updated Branches:
refs/heads/branch-2.7 7be489822 -> c521acdc5
HADOOP-14702. Fix formatting issue and regression caused by conversion from APT
to Markdown. Contributed by Doris Gu.
(cherry picked from commit d9a07b39046c323d430b98eff6603eaf58e18372)
Conflicts:
hadoop-common-project/hadoop-common/src/site/markdown/Metrics.md
(cherry picked from commit a01d92156d9a7bf008374c04786d37aabad3f3b6)
Conflicts:
hadoop-common-project/hadoop-common/src/site/markdown/Metrics.md
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c521acdc
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c521acdc
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c521acdc
Branch: refs/heads/branch-2.7
Commit: c521acdc50060a8f00b1e03357f102bf24ea4d16
Parents: 7be4898
Author: Masatake Iwasaki <[email protected]>
Authored: Wed Aug 2 06:19:21 2017 +0000
Committer: Masatake Iwasaki <[email protected]>
Committed: Wed Aug 2 06:51:00 2017 +0000
----------------------------------------------------------------------
hadoop-common-project/hadoop-common/CHANGES.txt | 3 ++
.../hadoop-common/src/site/markdown/Metrics.md | 7 ++++-
.../src/site/markdown/ServiceLevelAuth.md | 32 +++++++++++---------
3 files changed, 27 insertions(+), 15 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/c521acdc/hadoop-common-project/hadoop-common/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt
b/hadoop-common-project/hadoop-common/CHANGES.txt
index 7fb9161..85ec9c4 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -12,6 +12,9 @@ Release 2.7.5 - UNRELEASED
BUG FIXES
+ HADOOP-14702. Fix formatting issue and regression caused by conversion from
+ APT to Markdown. (Doris Gu via iwasakims)
+
Release 2.7.4 - UNRELEASED
INCOMPATIBLE CHANGES
http://git-wip-us.apache.org/repos/asf/hadoop/blob/c521acdc/hadoop-common-project/hadoop-common/src/site/markdown/Metrics.md
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/site/markdown/Metrics.md
b/hadoop-common-project/hadoop-common/src/site/markdown/Metrics.md
index 19cc79a..88ed6f6 100644
--- a/hadoop-common-project/hadoop-common/src/site/markdown/Metrics.md
+++ b/hadoop-common-project/hadoop-common/src/site/markdown/Metrics.md
@@ -192,6 +192,7 @@ Each metrics record contains tags such as ProcessName,
SessionId, and Hostname a
| `GetImageAvgTime` | Average fsimage download time in milliseconds |
| `PutImageNumOps` | Total number of fsimage uploads to SecondaryNameNode |
| `PutImageAvgTime` | Average fsimage upload time in milliseconds |
+| `TotalFileOps` | Total number of file operations performed |
FSNamesystem
------------
@@ -334,6 +335,10 @@ Each metrics record contains tags such as SessionId and
Hostname as additional i
| `SendDataPacketBlockedOnNetworkNanosAvgTime` | Average waiting time of
sending packets in nanoseconds |
| `SendDataPacketTransferNanosNumOps` | Total number of sending packets |
| `SendDataPacketTransferNanosAvgTime` | Average transfer time of sending
packets in nanoseconds |
+| `TotalWriteTime` | Total number of milliseconds spent on write operation |
+| `TotalReadTime` | Total number of milliseconds spent on read operation |
+| `RemoteBytesRead` | Number of bytes read by remote clients |
+| `RemoteBytesWritten` | Number of bytes written by remote clients |
yarn context
============
@@ -454,7 +459,7 @@ MetricsSystem shows the statistics for metrics snapshots
and publishes. Each met
| `Sink_`*instance*`NumOps` | Total number of sink operations for the
*instance* |
| `Sink_`*instance*`AvgTime` | Average time in milliseconds of sink operations
for the *instance* |
| `Sink_`*instance*`Dropped` | Total number of dropped sink operations for the
*instance* |
-| `Sink_`*instance*`Qsize` | Current queue length of sink operations  (BUT
always set to 0 because nothing to increment this metrics, see
[HADOOP-9941](https://issues.apache.org/jira/browse/HADOOP-9941)) |
+| `Sink_`*instance*`Qsize` | Current queue length of the sink |
default context
===============
http://git-wip-us.apache.org/repos/asf/hadoop/blob/c521acdc/hadoop-common-project/hadoop-common/src/site/markdown/ServiceLevelAuth.md
----------------------------------------------------------------------
diff --git
a/hadoop-common-project/hadoop-common/src/site/markdown/ServiceLevelAuth.md
b/hadoop-common-project/hadoop-common/src/site/markdown/ServiceLevelAuth.md
index adb7db9..1c40aa9 100644
--- a/hadoop-common-project/hadoop-common/src/site/markdown/ServiceLevelAuth.md
+++ b/hadoop-common-project/hadoop-common/src/site/markdown/ServiceLevelAuth.md
@@ -87,13 +87,27 @@ A special value of `*` implies that all users are allowed
to access the service.
If access control list is not defined for a service, the value of
`security.service.authorization.default.acl` is applied. If
`security.service.authorization.default.acl` is not defined, `*` is applied.
-* Blocked Access Control ListsIn some cases, it is required to specify blocked
access control list for a service. This specifies the list of users and groups
who are not authorized to access the service. The format of the blocked access
control list is same as that of access control list. The blocked access control
list can be specified via `$HADOOP_CONF_DIR/hadoop-policy.xml`. The property
name is derived by suffixing with ".blocked".
+### Blocked Access Control Lists
- Example: The property name of blocked access control list for
`security.client.protocol.acl>> will be <<<security.client.protocol.acl.blocked`
+In some cases, it is required to specify blocked access control list for a
service. This specifies the list of users and groups who are not authorized to
access the service. The format of the blocked access control list is same as
that of access control list. The blocked access control list can be specified
via `$HADOOP_CONF_DIR/hadoop-policy.xml`. The property name is derived by
suffixing with ".blocked".
- For a service, it is possible to specify both an access control list and a
blocked control list. A user is authorized to access the service if the user is
in the access control and not in the blocked access control list.
+Example: The property name of blocked access control list for
`security.client.protocol.acl` will be `security.client.protocol.acl.blocked`
- If blocked access control list is not defined for a service, the value of
`security.service.authorization.default.acl.blocked` is applied. If
`security.service.authorization.default.acl.blocked` is not defined, empty
blocked access control list is applied.
+For a service, it is possible to specify both an access control list and a
blocked control list. A user is authorized to access the service if the user is
in the access control and not in the blocked access control list.
+
+If blocked access control list is not defined for a service, the value of
`security.service.authorization.default.acl.blocked` is applied. If
`security.service.authorization.default.acl.blocked` is not defined, empty
blocked access control list is applied.
+
+### Access Control using Lists of IP Addresses, Host Names and IP Ranges
+
+Access to a service can be controlled based on the ip address of the client
accessing the service. It is possible to restrict access to a service from a
set of machines by specifying a list of ip addresses, host names and ip ranges.
The property name for each service is derived from the corresponding acl's
property name. If the property name of acl is security.client.protocol.acl,
property name for the hosts list will be security.client.protocol.hosts.
+
+If hosts list is not defined for a service, the value of
`security.service.authorization.default.hosts` is applied. If
`security.service.authorization.default.hosts` is not defined, `*` is applied.
+
+It is possible to specify a blocked list of hosts. Only those machines which
are in the hosts list, but not in the blocked hosts list will be granted access
to the service. The property name is derived by suffixing with ".blocked".
+
+Example: The property name of blocked hosts list for
`security.client.protocol.hosts` will be
`security.client.protocol.hosts.blocked`
+
+If blocked hosts list is not defined for a service, the value of
`security.service.authorization.default.hosts.blocked` is applied. If
`security.service.authorization.default.hosts.blocked` is not defined, empty
blocked hosts list is applied.
### Refreshing Service Level Authorization Configuration
@@ -109,16 +123,6 @@ Refresh the service-level authorization configuration for
the ResourceManager:
Of course, one can use the `security.refresh.policy.protocol.acl` property in
`$HADOOP_CONF_DIR/hadoop-policy.xml` to restrict access to the ability to
refresh the service-level authorization configuration to certain users/groups.
-* Access Control using list of ip addresses, host names and ip rangesAccess to
a service can be controlled based on the ip address of the client accessing the
service. It is possible to restrict access to a service from a set of machines
by specifying a list of ip addresses, host names and ip ranges. The property
name for each service is derived from the corresponding acl's property name. If
the property name of acl is security.client.protocol.acl, property name for the
hosts list will be security.client.protocol.hosts.
-
- If hosts list is not defined for a service, the value of
`security.service.authorization.default.hosts` is applied. If
`security.service.authorization.default.hosts` is not defined, `*` is applied.
-
- It is possible to specify a blocked list of hosts. Only those machines
which are in the hosts list, but not in the blocked hosts list will be granted
access to the service. The property name is derived by suffixing with
".blocked".
-
- Example: The property name of blocked hosts list for
`security.client.protocol.hosts` will be
`security.client.protocol.hosts.blocked`
-
- If blocked hosts list is not defined for a service, the value of
`security.service.authorization.default.hosts.blocked` is applied. If
`security.service.authorization.default.hosts.blocked` is not defined, empty
blocked hosts list is applied.
-
### Examples
Allow only users `alice`, `bob` and users in the `mapreduce` group to submit
jobs to the MapReduce cluster:
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
