HADOOP-12825. Log slow name resolutions. (Sidharta Seethana via stevel)

This commit is contained in:
Steve Loughran 2016-02-27 20:05:35 +00:00
parent 798babf661
commit 03cfb454fe
4 changed files with 74 additions and 3 deletions

View File

@ -1160,6 +1160,9 @@ Release 2.8.0 - UNRELEASED
HADOOP-12824. Collect network and disk usage on the node running Windows. HADOOP-12824. Collect network and disk usage on the node running Windows.
(Inigo Goiri via xyao) (Inigo Goiri via xyao)
HADOOP-12825. Log slow name resolutions.
(Sidharta Seethana via stevel)
OPTIMIZATIONS OPTIMIZATIONS
HADOOP-11785. Reduce the number of listStatus operation in distcp HADOOP-11785. Reduce the number of listStatus operation in distcp

View File

@ -204,6 +204,18 @@ public class CommonConfigurationKeys extends CommonConfigurationKeysPublic {
public static final boolean HADOOP_SECURITY_TOKEN_SERVICE_USE_IP_DEFAULT = public static final boolean HADOOP_SECURITY_TOKEN_SERVICE_USE_IP_DEFAULT =
true; true;
/** See <a href="{@docRoot}/../core-default.html">core-default.xml .</a> */
public static final String HADOOP_SECURITY_DNS_LOG_SLOW_LOOKUPS_ENABLED_KEY =
"hadoop.security.dns.log-slow-lookups.enabled";
public static final boolean
HADOOP_SECURITY_DNS_LOG_SLOW_LOOKUPS_ENABLED_DEFAULT = false;
/** See <a href="{@docRoot}/../core-default.html">core-default.xml .</a> */
public static final String
HADOOP_SECURITY_DNS_LOG_SLOW_LOOKUPS_THRESHOLD_MS_KEY =
"hadoop.security.dns.log-slow-lookups.threshold.ms";
public static final int
HADOOP_SECURITY_DNS_LOG_SLOW_LOOKUPS_THRESHOLD_MS_DEFAULT = 1000;
/** /**
* HA health monitor and failover controller. * HA health monitor and failover controller.
*/ */

View File

@ -30,6 +30,7 @@ import java.security.PrivilegedExceptionAction;
import java.util.Arrays; import java.util.Arrays;
import java.util.List; import java.util.List;
import java.util.ServiceLoader; import java.util.ServiceLoader;
import java.util.concurrent.TimeUnit;
import javax.annotation.Nullable; import javax.annotation.Nullable;
import javax.security.auth.kerberos.KerberosPrincipal; import javax.security.auth.kerberos.KerberosPrincipal;
@ -47,6 +48,7 @@ import org.apache.hadoop.net.NetUtils;
import org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod; import org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod;
import org.apache.hadoop.security.token.Token; import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.TokenInfo; import org.apache.hadoop.security.token.TokenInfo;
import org.apache.hadoop.util.StopWatch;
import org.apache.hadoop.util.StringUtils; import org.apache.hadoop.util.StringUtils;
@ -79,6 +81,9 @@ public class SecurityUtil {
setTokenServiceUseIp(useIp); setTokenServiceUseIp(useIp);
} }
private static boolean logSlowLookups = getLogSlowLookupsEnabled();
private static int slowLookupThresholdMs = getSlowLookupThresholdMs();
/** /**
* For use only by tests and initialization * For use only by tests and initialization
*/ */
@ -480,9 +485,27 @@ public class SecurityUtil {
} }
} }
private static boolean getLogSlowLookupsEnabled() {
Configuration conf = new Configuration();
return conf.getBoolean(CommonConfigurationKeys
.HADOOP_SECURITY_DNS_LOG_SLOW_LOOKUPS_ENABLED_KEY,
CommonConfigurationKeys
.HADOOP_SECURITY_DNS_LOG_SLOW_LOOKUPS_ENABLED_DEFAULT);
}
private static int getSlowLookupThresholdMs() {
Configuration conf = new Configuration();
return conf.getInt(CommonConfigurationKeys
.HADOOP_SECURITY_DNS_LOG_SLOW_LOOKUPS_THRESHOLD_MS_KEY,
CommonConfigurationKeys
.HADOOP_SECURITY_DNS_LOG_SLOW_LOOKUPS_THRESHOLD_MS_DEFAULT);
}
/** /**
* Resolves a host subject to the security requirements determined by * Resolves a host subject to the security requirements determined by
* hadoop.security.token.service.use_ip. * hadoop.security.token.service.use_ip. Optionally logs slow resolutions.
* *
* @param hostname host or ip to resolve * @param hostname host or ip to resolve
* @return a resolved host * @return a resolved host
@ -491,8 +514,23 @@ public class SecurityUtil {
@InterfaceAudience.Private @InterfaceAudience.Private
public static public static
InetAddress getByName(String hostname) throws UnknownHostException { InetAddress getByName(String hostname) throws UnknownHostException {
if (logSlowLookups || LOG.isTraceEnabled()) {
StopWatch lookupTimer = new StopWatch().start();
InetAddress result = hostResolver.getByName(hostname);
long elapsedMs = lookupTimer.stop().now(TimeUnit.MILLISECONDS);
if (elapsedMs >= slowLookupThresholdMs) {
LOG.warn("Slow name lookup for " + hostname + ". Took " + elapsedMs +
" ms.");
} else if (LOG.isTraceEnabled()) {
LOG.trace("Name lookup for " + hostname + " took " + elapsedMs +
" ms.");
}
return result;
} else {
return hostResolver.getByName(hostname); return hostResolver.getByName(hostname);
} }
}
interface HostResolver { interface HostResolver {
InetAddress getByName(String host) throws UnknownHostException; InetAddress getByName(String host) throws UnknownHostException;

View File

@ -113,6 +113,24 @@
</description> </description>
</property> </property>
<property>
<name>hadoop.security.dns.log-slow-lookups.enabled</name>
<value>false</value>
<description>
Time name lookups (via SecurityUtil) and log them if they exceed the
configured threshold.
</description>
</property>
<property>
<name>hadoop.security.dns.log-slow-lookups.threshold.ms</name>
<value>1000</value>
<description>
If slow lookup logging is enabled, this threshold is used to decide if a
lookup is considered slow enough to be logged.
</description>
</property>
<!-- <!--
=== Multiple group mapping providers configuration sample === === Multiple group mapping providers configuration sample ===
This sample illustrates a typical use case for CompositeGroupsMapping where This sample illustrates a typical use case for CompositeGroupsMapping where