[
https://issues.apache.org/jira/browse/HBASE-12954?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14329057#comment-14329057
]
Devaraj Das commented on HBASE-12954:
-------------------------------------
[~yuzhih...@gmail.com] there might be an issue at the RPC layer if security is
turned on. For the login() calls, the hostname that is used is the "custom"
hostname (and that seems to be right). When the RpcClient tries to setup a
secure communication to a remote server, it constructs the principal of the
remote server (usually the principals are of the form hbase/_HOST@REALM).
During the principal construction, it does a reverse DNS lookup to get the
server name and the _HOST is replaced with that server name to get the
principal that the RpcClient then uses. The question is if a reverse DNS is
done, whether the "custom" hostname would be returned or not. If not, we'd need
to address the issue.
> Ability impaired using HBase on multihomed hosts
> ------------------------------------------------
>
> Key: HBASE-12954
> URL: https://issues.apache.org/jira/browse/HBASE-12954
> Project: HBase
> Issue Type: Bug
> Affects Versions: 0.98.4
> Reporter: Clay B.
> Assignee: Ted Yu
> Priority: Minor
> Attachments: 12954-v1.txt, 12954-v10.txt, 12954-v11.txt,
> 12954-v12.txt, 12954-v12.txt, 12954-v12.txt, 12954-v13.txt, 12954-v7.txt,
> 12954-v8.txt, Hadoop Three Interfaces.png
>
>
> For HBase clusters running on unusual networks (such as NAT'd cloud
> environments or physical machines with multiple IP's per network interface)
> it would be ideal to have a way to both specify:
> # which IP interface to which HBase master or region-server will bind
> # what hostname HBase will advertise in Zookeeper both for a master or
> region-server process
> While efforts such as HBASE-8640 go a long way to normalize these two sources
> of information, it is not possible in the current design of the properties
> available to an administrator for these to be unambiguously specified.
> One has been able to request {{hbase.master.ipc.address}} or
> {{hbase.regionserver.ipc.address}} but one can not specify the desired HBase
> {{hbase.master.hostname}}. (It was removed in HBASE-1357, further I am
> unaware of a region-server equivalent.)
> I use a configuration management system to generate all of my configuration
> files on a per-machine basis. As such, an option to generate a file
> specifying exactly which hostname to use would be helpful.
> Today, specifying the bind address for HBase works and one can use an
> HBase-only DNS for faking what to put in Zookeeper but this is far from
> ideal. Network interfaces have no intrinsic IP address, nor hostname.
> Specifing a DNS server is awkward as the DNS server may differ from the
> system's resolver and is a single IP address. Similarly, on hosts which use a
> transient VIP (e.g. through keepalived) for other services, it means there's
> a seemingly non-deterministic hostname choice made by HBase depending on the
> state of the VIP at daemon start-up time.
> I will attach two networking examples I use which become very difficult to
> manage under the current properties.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
