You are viewing a plain text version of this content. The canonical link for it is here.

Posted to hdfs-dev@hadoop.apache.org by "sanjay kenganahalli vamanna (JIRA)" <ji...@apache.org> on 2016/03/14 17:05:33 UTC

[jira] [Created] (HDFS-9956) LDAP PERFORMANCE ISSUE AND FAIL OVER

sanjay kenganahalli vamanna created HDFS-9956:
-------------------------------------------------

             Summary: LDAP PERFORMANCE ISSUE AND FAIL OVER
                 Key: HDFS-9956
                 URL: https://issues.apache.org/jira/browse/HDFS-9956
             Project: Hadoop HDFS
          Issue Type: Bug
            Reporter: sanjay kenganahalli vamanna


The typical LDAP group name resolution works well under typical scenarios. However, we have seen cases where a user is mapped to many groups (in an extreme case, a user is mapped to more than 100 groups). The way it's being implemented now makes this case super slow resolving groups from ActiveDirectory and making the namenode to failover.
Instead of failover, we can use the parameter(ha.zookeeper.session-timeout.ms) in the getgroups method to time-out and send the failed response back to the user so that we can prevent name node failover. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)