You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@storm.apache.org by "Jungtaek Lim (JIRA)" <ji...@apache.org> on 2017/01/06 02:18:58 UTC

[jira] [Commented] (STORM-2214) Cache Kerberos tickets for long lived Daemons

    [ https://issues.apache.org/jira/browse/STORM-2214?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15803254#comment-15803254 ] 

Jungtaek Lim commented on STORM-2214:
-------------------------------------

[~revans2]
Just curious, is there any specific reason for applying this only for master, given that the code is easily portable to 1.x branch?

> Cache Kerberos tickets for long lived Daemons
> ---------------------------------------------
>
>                 Key: STORM-2214
>                 URL: https://issues.apache.org/jira/browse/STORM-2214
>             Project: Apache Storm
>          Issue Type: Improvement
>          Components: storm-core
>            Reporter: Robert Joseph Evans
>            Assignee: Robert Joseph Evans
>             Fix For: 2.0.0
>
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> The UI and supervisors authenticate to nimbus through kerberos.  But they initiate a new connection each time they do so, and even use a new Subject for each connection.  This means that the client must fetch a new service ticket each time and adds a lot of load on the KDC.
> In order to reuse the subject between sessions we propose cacheing the Login instead of creating a new one each time.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)