You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Wei-Chiu Chuang (JIRA)" <ji...@apache.org> on 2019/02/21 00:59:01 UTC
[jira] [Comment Edited] (HADOOP-15813) Enable more reliable SSL
connection reuse
[ https://issues.apache.org/jira/browse/HADOOP-15813?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16773552#comment-16773552 ]
Wei-Chiu Chuang edited comment on HADOOP-15813 at 2/21/19 12:58 AM:
--------------------------------------------------------------------
For reference, here's the profiler output of KMS server, prior to the patch: !profiler prior to HADOOP-15813.png!
After:
!profiler after HADOOP-15813.png!
was (Author: jojochuang):
For reference, here's the profiler output of KMS server, prior to the patch:
!Screen Shot 2019-02-20 at 3.37.05 PM.png!
> Enable more reliable SSL connection reuse
> -----------------------------------------
>
> Key: HADOOP-15813
> URL: https://issues.apache.org/jira/browse/HADOOP-15813
> Project: Hadoop Common
> Issue Type: Bug
> Components: common
> Affects Versions: 2.6.0
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Priority: Major
> Attachments: HADOOP-15813.patch, HADOOP-15813.patch, profiler after HADOOP-15813.png, profiler prior to HADOOP-15813.png
>
>
> The java keep-alive cache relies on instance equivalence of the SSL socket factory. In many java versions, SSLContext#getSocketFactory always returns a new instance which completely breaks the cache. Clients flooding a service with lingering per-request connections that can lead to port exhaustion. The hadoop SSLFactory should cache the socket factory associated with the context.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org