You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-dev@hadoop.apache.org by "Marco Nicosia (JIRA)" <ji...@apache.org> on 2009/04/22 18:50:47 UTC
[jira] Created: (HADOOP-5722) HTTP metrics interface enable/disable
must be configurable
HTTP metrics interface enable/disable must be configurable
----------------------------------------------------------
Key: HADOOP-5722
URL: https://issues.apache.org/jira/browse/HADOOP-5722
Project: Hadoop Core
Issue Type: Bug
Components: metrics
Reporter: Marco Nicosia
HADOOP-5469 added a convenient end-run around JMX authentication by revealing the same metrics over HTTP. That's cool, but we need to secure all accesses to our Hadoop cluster, so while this may be enabled by default, we need some configurable way to disable the unauthenticated port.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (HADOOP-5722) HTTP metrics interface
enable/disable must be configurable
Posted by "Philip Zeyliger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-5722?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12701658#action_12701658 ]
Philip Zeyliger commented on HADOOP-5722:
-----------------------------------------
Hi Marco,
To implement HADOOP-5469, I didn't need to open a new port; I merely added a servlet to the HTTP server already running. (The relevant code snippet is below.) If folks would like, it'd be easy to add if clauses around relevant methods. Feel free to propose configuration names.
Unlike JMX, /metrics is read-only. The scariest stuff it gives you access to is some of your JVM configuration and the counters for jobs running on JobTrackers.
{noformat}
protected void addDefaultServlets() {
// set up default servlets
addServlet("stacks", "/stacks", StackServlet.class);
addServlet("logLevel", "/logLevel", LogLevel.Servlet.class);
addServlet("metrics", "/metrics", MetricsServlet.class);
}
{noformat}
> HTTP metrics interface enable/disable must be configurable
> ----------------------------------------------------------
>
> Key: HADOOP-5722
> URL: https://issues.apache.org/jira/browse/HADOOP-5722
> Project: Hadoop Core
> Issue Type: Bug
> Components: metrics
> Reporter: Marco Nicosia
>
> HADOOP-5469 added a convenient end-run around JMX authentication by revealing the same metrics over HTTP. That's cool, but we need to secure all accesses to our Hadoop cluster, so while this may be enabled by default, we need some configurable way to disable the unauthenticated port.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (HADOOP-5722) HTTP metrics interface
enable/disable must be configurable
Posted by "Robert Chansler (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-5722?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12702624#action_12702624 ]
Robert Chansler commented on HADOOP-5722:
-----------------------------------------
What about making the list of deployed servlets configurable? That way an administrator could choose any list of favorites, and no individual servle would have to test whether is was enabled or not.
> HTTP metrics interface enable/disable must be configurable
> ----------------------------------------------------------
>
> Key: HADOOP-5722
> URL: https://issues.apache.org/jira/browse/HADOOP-5722
> Project: Hadoop Core
> Issue Type: Bug
> Components: metrics
> Reporter: Marco Nicosia
>
> HADOOP-5469 added a convenient end-run around JMX authentication by revealing the same metrics over HTTP. That's cool, but we need to secure all accesses to our Hadoop cluster, so while this may be enabled by default, we need some configurable way to disable the unauthenticated port.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.