You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@storm.apache.org by "Jungtaek Lim (JIRA)" <ji...@apache.org> on 2017/01/06 02:18:58 UTC
[jira] [Commented] (STORM-2214) Cache Kerberos tickets for long
lived Daemons
[ https://issues.apache.org/jira/browse/STORM-2214?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15803254#comment-15803254 ]
Jungtaek Lim commented on STORM-2214:
-------------------------------------
[~revans2]
Just curious, is there any specific reason for applying this only for master, given that the code is easily portable to 1.x branch?
> Cache Kerberos tickets for long lived Daemons
> ---------------------------------------------
>
> Key: STORM-2214
> URL: https://issues.apache.org/jira/browse/STORM-2214
> Project: Apache Storm
> Issue Type: Improvement
> Components: storm-core
> Reporter: Robert Joseph Evans
> Assignee: Robert Joseph Evans
> Fix For: 2.0.0
>
> Time Spent: 1h
> Remaining Estimate: 0h
>
> The UI and supervisors authenticate to nimbus through kerberos. But they initiate a new connection each time they do so, and even use a new Subject for each connection. This means that the client must fetch a new service ticket each time and adds a lot of load on the KDC.
> In order to reuse the subject between sessions we propose cacheing the Login instead of creating a new one each time.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)