[
https://issues.apache.org/jira/browse/HDFS-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12829219#action_12829219
]
Eli Collins commented on HDFS-945:
----------------------------------
Let's keep this jira to mechanism, can discuss policy (eg defaults) later. If
we really want to prevent DoS then HDFS needs some notion of QOS reservations
(and even then you can just use more clients with different IPs etc). I suspect
for now it's best to try to limit the impact of any one operation (eg lsr /),
and then rate limit operations by client. Agree with Todd about focusing on the
non-malicious use case first.
> Make NameNode resilient to DoS attacks (malicious or otherwise)
> ---------------------------------------------------------------
>
> Key: HDFS-945
> URL: https://issues.apache.org/jira/browse/HDFS-945
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: name-node
> Reporter: Arun C Murthy
>
> We've seen defective applications cause havoc on the NameNode, for e.g. by
> doing 100k+ 'listStatus' on very large directories (60k files) etc.
> I'd like to start a discussion around how we prevent such, and possibly
> malicious applications in the future, taking down the NameNode.
> Thoughts?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
