[
https://issues.apache.org/jira/browse/HDFS-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12830200#action_12830200
]
Allen Wittenauer commented on HDFS-945:
---------------------------------------
QoS (which is really what we're talking about here) is better done at the
application layer, IMO. Passing this work off to an already overworked
iptables (which is providing security since hadoop doesn't have much of any) is
an idea that won't scale, esp at Yahoo! levels.
> Make NameNode resilient to DoS attacks (malicious or otherwise)
> ---------------------------------------------------------------
>
> Key: HDFS-945
> URL: https://issues.apache.org/jira/browse/HDFS-945
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: name-node
> Reporter: Arun C Murthy
>
> We've seen defective applications cause havoc on the NameNode, for e.g. by
> doing 100k+ 'listStatus' on very large directories (60k files) etc.
> I'd like to start a discussion around how we prevent such, and possibly
> malicious applications in the future, taking down the NameNode.
> Thoughts?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
