[HADOOP-13597] Switch KMS from Tomcat to Jetty - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.6.0
Fix Version/s: 3.0.0-alpha2
Component/s: kms
Labels:
None

Target Version/s:

3.0.0-alpha2
Hadoop Flags:

Incompatible change, Reviewed
Release Note:

Hide


The following environment variables are deprecated. Set the corresponding
configuration properties instead.

Environment Variable | Configuration Property | Configuration File
-------------------------|------------------------------|--------------------
KMS_HTTP_PORT | hadoop.kms.http.port | kms-site.xml
KMS_MAX_HTTP_HEADER_SIZE | hadoop.http.max.request.header.size and hadoop.http.max.response.header.size | kms-site.xml
KMS_MAX_THREADS | hadoop.http.max.threads | kms-site.xml
KMS_SSL_ENABLED | hadoop.kms.ssl.enabled | kms-site.xml
KMS_SSL_KEYSTORE_FILE | ssl.server.keystore.location | ssl-server.xml
KMS_SSL_KEYSTORE_PASS | ssl.server.keystore.password | ssl-server.xml
KMS_TEMP | hadoop.http.temp.dir | kms-site.xml

These default HTTP Services have been added.

Name | Description
-------------------|------------------------------------
/conf | Display configuration properties
/jmx | Java JMX management interface
/logLevel | Get or set log level per class
/logs | Display log files
/stacks | Display JVM stacks
/static/index.html | The static home page

The JMX path has been changed from /kms/jmx to /jmx.

Script kms.sh has been deprecated, use `hadoop kms` instead. The new scripts are based on the Hadoop shell scripting framework. `hadoop daemonlog` is supported. SSL configurations are read from ssl-server.xml.

Show
 The following environment variables are deprecated. Set the corresponding configuration properties instead. Environment Variable | Configuration Property | Configuration File -------------------------|------------------------------|-------------------- KMS_HTTP_PORT | hadoop.kms.http.port | kms-site.xml KMS_MAX_HTTP_HEADER_SIZE | hadoop.http.max.request.header.size and hadoop.http.max.response.header.size | kms-site.xml KMS_MAX_THREADS | hadoop.http.max.threads | kms-site.xml KMS_SSL_ENABLED | hadoop.kms.ssl.enabled | kms-site.xml KMS_SSL_KEYSTORE_FILE | ssl.server.keystore.location | ssl-server.xml KMS_SSL_KEYSTORE_PASS | ssl.server.keystore.password | ssl-server.xml KMS_TEMP | hadoop.http.temp.dir | kms-site.xml These default HTTP Services have been added. Name | Description -------------------|------------------------------------ /conf | Display configuration properties /jmx | Java JMX management interface /logLevel | Get or set log level per class /logs | Display log files /stacks | Display JVM stacks /static/index.html | The static home page The JMX path has been changed from /kms/jmx to /jmx. Script kms.sh has been deprecated, use `hadoop kms` instead. The new scripts are based on the Hadoop shell scripting framework. `hadoop daemonlog` is supported. SSL configurations are read from ssl-server.xml.

Description

The Tomcat 6 we are using will reach EOL at the end of 2017. While there are other good options, I would propose switching to Jetty 9 for the following reasons:

Easier migration. Both Tomcat and Jetty are based on Servlet Containers, so we don't have change client code that much. It would require more work to switch to JAX-RS.
Well established.
Good performance and scalability.

Other alternatives:

Jersey + Grizzly
Tomcat 8

Your opinions will be greatly appreciated.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-13597.001.patch
29/Nov/16 04:19
82 kB
John Zhuge
HADOOP-13597.002.patch
02/Dec/16 07:47
97 kB
John Zhuge
HADOOP-13597.003.patch
08/Dec/16 05:53
102 kB
John Zhuge
HADOOP-13597.004.patch
11/Dec/16 07:26
107 kB
John Zhuge
HADOOP-13597.005.patch
16/Dec/16 18:02
110 kB
John Zhuge
HADOOP-13597.006.patch
22/Dec/16 20:41
115 kB
John Zhuge
HADOOP-13597.007.patch
04/Jan/17 08:31
116 kB
John Zhuge

Issue Links

blocks

HADOOP-15698 KMS log4j is not initialized properly at startup

Resolved

breaks

HADOOP-13961 Fix compilation failure from missing hadoop-kms test jar

Resolved

HADOOP-15696 KMS performance regression due to too many open file descriptors after Jetty migration

Resolved

HADOOP-14317 KMSWebServer$deprecateEnv may leak secret

Resolved

HADOOP-15638 KMS Accept Queue Size default changed from 500 to 128 in Hadoop 3.x

Resolved

HADOOP-14608 KMS JMX servlet path not backwards compatible

Resolved

causes

HDFS-15097 Purge log in KMS and HttpFS

Resolved

depends upon

HADOOP-10075 Update jetty dependency to version 9

Resolved

is depended upon by

HADOOP-14047 Require admin to access KMS instrumentation servlets

Resolved

HDFS-10860 Switch HttpFS from Tomcat to Jetty

Resolved

HADOOP-13875 HttpServer2 should support more SSL configuration properties

Open

HADOOP-13955 Replace deprecated HttpServer2 and SSLFactory constants

Resolved

HADOOP-13990 Document KMS usage of CredentialProvider API

Resolved

HADOOP-14340 Enable KMS and HttpFS to exclude SSL ciphers

Resolved

HADOOP-14352 Make some HttpServer2 SSL properties optional

Resolved

HADOOP-14367 Remove unused setting from pom.xml

Resolved

HADOOP-14375 Remove tomcat support from hadoop-functions.sh

Resolved

is duplicated by

HADOOP-13872 KMS JMX exception

Resolved

is related to

HADOOP-13992 KMS should load SSL configuration the same way as SSLFactory

Resolved

HADOOP-11070 Create MiniKMS for testing

Closed

supercedes

HADOOP-12809 Move to tomcat 8.0.21 to support different passwords for key and keystore on HTTPFS/KMS using SSL

Resolved

(1 breaks, 1 causes, 1 depends upon, 9 is depended upon by, 1 is duplicated by, 2 is related to, 1 supercedes)

Activity

People

Assignee:: John Zhuge

Reporter:: John Zhuge

Votes:: 0 Vote for this issue

Watchers:: 18 Start watching this issue

Dates

Created:: 13/Sep/16 05:09

Updated:: 07/Jan/20 09:08

Resolved:: 06/Jan/17 01:24