Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-9888

KerberosName static initialization gets default realm, which is unneeded in non-secure deployment.

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.1.1-beta, 3.0.0-alpha1
    • 3.0.0-alpha1
    • security
    • None

    Description

      KerberosName has a static initialization block that looks up the default realm. Running with Oracle JDK7, this code path triggers a DNS query. In some environments, we've seen this DNS query block and time out after 30 seconds. This is part of static initialization, and the class is referenced from UserGroupInformation#initialize, so every daemon and every shell command experiences this delay. This occurs even for non-secure deployments, which don't need the default realm.

      Attachments

        1. HADOOP-9888.001.patch
          2 kB
          Dmytro Kabakchei

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-6913 Circular initialization between UserGroupInformation and KerberosName

          • Major - Major loss of function.
          • Closed

          Activity

            People

              beard Dmytro Kabakchei
              cnauroth Chris Nauroth
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: