[
https://issues.apache.org/jira/browse/HDFS-16266?focusedWorklogId=669855&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-669855
]
ASF GitHub Bot logged work on HDFS-16266:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 26/Oct/21 00:28
Start Date: 26/Oct/21 00:28
Worklog Time Spent: 10m
Work Description: tomscut commented on pull request #3538:
URL: https://github.com/apache/hadoop/pull/3538#issuecomment-951445364
> The API is declared Public, Evolving. If it stays in Hadoop 3.4.0 I am
fine with it.
>
> We used to have an audit logger (Cloudera Navigator) that extends the
AuditLogger interface. But we've moved away from that.
>
> Performance: It would have a slight performance penalty because every
audit log op will always convert InetAddress to a string, regardless if audit
logger is off (audit log level = debug or dfs.namenode.audit.log.debug.cmdlist
has the excluded op)). It's probably acceptable since audit is logged outside
of namenode lock.
>
> CallerContext: the caller context is probably a better option when you
want to do fine-grained post-mortem anyway. Maybe we can modify the caller
context to attach remote port so that it doesn't break api compatibility. Just
a thought.
> I haven't gone through the entire discussion/code. Just that whether we
should modify the existing field or add a new one. Technically both are correct
and I don't see any serious issue with either(not thinking too deep). But I
feel for the parsers to adapt, if there was a new field, it might be little bit
more easy, Rather than trying to figure out whether the existing field has a
port or not. Just my thoughts, I am Ok with whichever way most people tend to
agree. Anyway whatever we do should be optional & guarded by a config.
Thanks @ayushtkn for your comments and suggestions.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
-------------------
Worklog Id: (was: 669855)
Time Spent: 4h (was: 3h 50m)
> Add remote port information to HDFS audit log
> ---------------------------------------------
>
> Key: HDFS-16266
> URL: https://issues.apache.org/jira/browse/HDFS-16266
> Project: Hadoop HDFS
> Issue Type: Improvement
> Reporter: tomscut
> Assignee: tomscut
> Priority: Major
> Labels: pull-request-available
> Time Spent: 4h
> Remaining Estimate: 0h
>
> In our production environment, we occasionally encounter a problem where a
> user submits an abnormal computation task, causing a sudden flood of
> requests, which causes the queueTime and processingTime of the Namenode to
> rise very high, causing a large backlog of tasks.
> We usually locate and kill specific Spark, Flink, or MapReduce tasks based on
> metrics and audit logs. Currently, IP and UGI are recorded in audit logs, but
> there is no port information, so it is difficult to locate specific processes
> sometimes. Therefore, I propose that we add the port information to the audit
> log, so that we can easily track the upstream process.
> Currently, some projects contain port information in audit logs, such as
> Hbase and Alluxio. I think it is also necessary to add port information for
> HDFS audit logs.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
