[
https://issues.apache.org/jira/browse/HADOOP-7967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13425265#comment-13425265
]
Sanjay Radia commented on HADOOP-7967:
--------------------------------------
* Noticed that in DelegateToFileSystem#getDelegationTokens() you simply want
the tokens and pass in an empty credentials to addDTs - shall we have
addDelegationTokens deal with the null credentials parameter to indicate that
it should simply return the tokens rather than add. I am okay either way.
* getDelegationToken
** undeprecate getDelegationToken - since getDelegationTokens is being removed
(the deprecation was added when we added getDelegationTokens)
** Does it work to make it protected?
* Since the audience for getDelegationTokens was HDFS & MapReduce originally,
it is safe to remove getDelegationTokens right away from trunk and target this
jira for Hadoop 2. Hadoop 0.23 can remove it later. Such changes are allowed in
Alphas especially since the audience was limitedPrivate.
* Some of the new tests in TestViewSystemDelegationTokenSupport is using the
old deprecated getDelegationTokens - it should use the new addDelegationTokens.
* WebHdfs rest API - not sure what is needed here - noticed you removed
GETDELEGATIONTOKENS. I need to think this one through.
* TestTokenCache
** Can't you take advantage of the default impl of addDelegationTokens and
hence not need getTokens?
** add javadoc to createFileSystemForService - change name to
createFileSystemForServiceName
* File Jira for fixing Viewfs and AbstractFileSystem
* I have attached patch that improves some of the javadocs - you can apply it
on top of yours.
> Need generalized multi-token filesystem support
> -----------------------------------------------
>
> Key: HADOOP-7967
> URL: https://issues.apache.org/jira/browse/HADOOP-7967
> Project: Hadoop Common
> Issue Type: Bug
> Components: fs, security
> Affects Versions: 0.23.1, 0.24.0
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Priority: Critical
> Attachments: HADOOP-7967-2.patch, HADOOP-7967-3.patch,
> HADOOP-7967-4.patch, HADOOP-7967-compat.patch, HADOOP-7967.newapi.2.patch,
> HADOOP-7967.newapi.patch, HADOOP-7967.patch, hadoop7967-javadoc.patch
>
>
> Multi-token filesystem support and its interactions with the MR
> {{TokenCache}} is problematic. The {{TokenCache}} tries to assume it has the
> knowledge to know if the tokens for a filesystem are available, which it
> can't possibly know for multi-token filesystems. Filtered filesystems are
> also problematic, such as har on viewfs. When mergeFs is implemented, it too
> will become a problem with the current implementation. Currently
> {{FileSystem}} will leak tokens even when some tokens are already present.
> The decision for token acquisition, and which tokens, should be pushed all
> the way down into the {{FileSystem}} level. The {{TokenCache}} should be
> ignorant and simply request tokens from each {{FileSystem}}.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
