[
https://issues.apache.org/jira/browse/HDFS-7295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14188754#comment-14188754
]
bc Wong commented on HDFS-7295:
-------------------------------
Vinod, We're probably not on the same wavelength. I agree with all that you
said about keytabs being the solution for services. But I'm trying to find a
solution for apps that are started by regular users. There are no keytabs here.
--
Steve, the let-user-push-new-token solution is possible, although the user
experience is very bad as it requires periodic intervention. I.e. the user
can't go on a 2-week vacation.
bq. I guess you are disappointed by the negative feedback here: you had a
simple solution to the problem of HDFS token expiry without having to
distribute keytabs.
No, I don't feel emotional about this. I believe that we're all reasonably
trying to find the right solution for the users. Especially since not everyone
here understands the use case yet --- There are no keytabs here. These are not
services.
> Support arbitrary max expiration times for delegation token
> -----------------------------------------------------------
>
> Key: HDFS-7295
> URL: https://issues.apache.org/jira/browse/HDFS-7295
> Project: Hadoop HDFS
> Issue Type: Improvement
> Reporter: Anubhav Dhoot
> Assignee: Anubhav Dhoot
>
> Currently the max lifetime of HDFS delegation tokens is hardcoded to 7 days.
> This is a problem for different users of HDFS such as long running YARN apps.
> Users should be allowed to optionally specify max lifetime for their tokens.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
