DFSClient should do lease recovery using data transfer port.
------------------------------------------------------------
Key: HADOOP-4198
URL: https://issues.apache.org/jira/browse/HADOOP-4198
Project: Hadoop Core
Issue Type: Bug
Components: dfs
Affects Versions: 0.18.0
Reporter: Konstantin Shvachko
Assignee: Tsz Wo (Nicholas), SZE
Priority: Blocker
Fix For: 0.18.1
HADOOP-3283 introduced {{dfs.datanode.ipc.address}} which defines where the
data-node rpc server runs.
The rpc server on a data-node is used only for lease recovery (HADOOP-3310).
Lease recovery can be initialized by a name-node or by a client.
The problem was reported if lease recovery is initialized by a client running
on an untrusted host.
The port that the http server runs on is closed for the outside use and
therefore lease recovery fails.
Production level security model assumes that data-nodes are run on trusted
nodes and therefore it is safe to have ports open for inter data-node
communication.
HDFS clients can run on arbitrary nodes and according to the security model can
access only the ports that are externally open.
We propose to use the standard data node port for lease recovery, which means
that lease recovery will use {{DataXceiver}} and data transfer protocol rather
than {{ClientDatanodeProtocol}}.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
