You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Dmytro Kabakchei (JIRA)" <ji...@apache.org> on 2016/01/04 10:31:40 UTC
[jira] [Updated] (HADOOP-9888) KerberosName static initialization
gets default realm, which is unneeded in non-secure deployment.
[ https://issues.apache.org/jira/browse/HADOOP-9888?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dmytro Kabakchei updated HADOOP-9888:
-------------------------------------
Status: Patch Available (was: Open)
Created patch for this. Just moved static initialization block inside getter method. Now default realm is resolved only for secure deployments.
> KerberosName static initialization gets default realm, which is unneeded in non-secure deployment.
> --------------------------------------------------------------------------------------------------
>
> Key: HADOOP-9888
> URL: https://issues.apache.org/jira/browse/HADOOP-9888
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 2.1.1-beta, 3.0.0
> Reporter: Chris Nauroth
>
> {{KerberosName}} has a static initialization block that looks up the default realm. Running with Oracle JDK7, this code path triggers a DNS query. In some environments, we've seen this DNS query block and time out after 30 seconds. This is part of static initialization, and the class is referenced from {{UserGroupInformation#initialize}}, so every daemon and every shell command experiences this delay. This occurs even for non-secure deployments, which don't need the default realm.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)