Thanks Steve. I will try MiniMRCluster. It will be very helpful. Regards Pallavi
-----Original Message----- From: Steve Loughran [mailto:ste...@apache.org] Sent: Friday, July 24, 2009 7:22 PM To: common-user@hadoop.apache.org Subject: Re: Remote access to cluster using user as hadoop Pallavi Palleti wrote: > Hi all, > > I tried to trackdown to the place where I can add some conditions for not allowing any remote user with username as hadoop(root user) (other than some specific hostnames or ipaddresses). I could see the call path as FsShell -> DistributedFileSystem ->DFSClient - ClientProtocol. As there is no way to debug the code via eclipse (when I ran thru eclipse it points to LocalFileSystem), I followed naive way of debugging by adding print commands. After DFSClient, I couldn't figure out which Class is getting called. From the code, I could see only NameNode extended ClientProtocol, so I was pretty sure that NameNode methods are getting called, but I coudln't see my debug print statements in the logs when I added some print statements in the namenode. Can some one help me what is the flow when a call from Remote machine with same root user name(hadoop) is made? > > I tried for mkdir command which essentially calls mkdirs() method in DFSClient and there by ClientProtocol mkdirs() method. -client side, there are a couple of places where there is an exec("whoami") to determine the username. -server side, everything goes through the namenode. You should put your stuff there, if you want to defend against people using their own versions of the hadoop libraries. -No need to add print statements to trace flow, just set your log4j settings to log at DEBUG to see lots of stuff. -you can bring up a MiniMRCluster() in a single VM, which is how most of the unit tests run. This will let you debug both ends of the DFS conversation within the IDE.
