Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
None
-
None
-
None
-
Kerberized, clients connect to multiple HttpFS servers via load balancer
Description
In our environment, multiple HttpFS servers are deployed for the clients outside the HDFS cluster. As we are using external load balancer service for the HttpFS servers, the following situation may happen:
1. A client authenticates with a HttpFS server and gets a delegation token. Using the delegation token, the client can access to the NameNode.
2. In the next session, the client authenticates with another HttpFS server (via load balancer) using the same delegation token. The client fails to access because the other HttpFS server does not have the information of the delegation token.
This issue is to document how to fix this situation.