HADOOP-12764. Increase default value of KMS maxHttpHeaderSize and make it configurable. (zhz)

Change-Id: Iabb766f6311b83a1ac03093b0ba26a0284b74d70
This commit is contained in:
Zhe Zhang 2016-02-11 09:29:14 -08:00
parent 3a5b39e931
commit 84dcd1a802
6 changed files with 16 additions and 1 deletions

View File

@ -40,6 +40,10 @@
# #
# export KMS_MAX_THREADS=1000 # export KMS_MAX_THREADS=1000
# The maximum size of Tomcat HTTP header
#
# export KMS_MAX_HTTP_HEADER_SIZE=65536
# The location of the SSL keystore if using SSL # The location of the SSL keystore if using SSL
# #
# export KMS_SSL_KEYSTORE_FILE=${HOME}/.keystore # export KMS_SSL_KEYSTORE_FILE=${HOME}/.keystore

View File

@ -143,6 +143,13 @@ else
print "Using KMS_MAX_THREADS: ${KMS_MAX_THREADS}" print "Using KMS_MAX_THREADS: ${KMS_MAX_THREADS}"
fi fi
if [ "${KMS_MAX_HTTP_HEADER_SIZE}" = "" ]; then
export KMS_MAX_HTTP_HEADER_SIZE=65536
print "Setting KMS_MAX_HTTP_HEADER_SIZE: ${KMS_MAX_HTTP_HEADER_SIZE}"
else
print "Using KMS_MAX_HTTP_HEADER_SIZE: ${KMS_MAX_HTTP_HEADER_SIZE}"
fi
if [ "${KMS_SSL_KEYSTORE_FILE}" = "" ]; then if [ "${KMS_SSL_KEYSTORE_FILE}" = "" ]; then
export KMS_SSL_KEYSTORE_FILE=${HOME}/.keystore export KMS_SSL_KEYSTORE_FILE=${HOME}/.keystore
print "Setting KMS_SSL_KEYSTORE_FILE: ${KMS_SSL_KEYSTORE_FILE}" print "Setting KMS_SSL_KEYSTORE_FILE: ${KMS_SSL_KEYSTORE_FILE}"

View File

@ -57,6 +57,7 @@ catalina_opts="${catalina_opts} -Dkms.temp.dir=${KMS_TEMP}";
catalina_opts="${catalina_opts} -Dkms.admin.port=${KMS_ADMIN_PORT}"; catalina_opts="${catalina_opts} -Dkms.admin.port=${KMS_ADMIN_PORT}";
catalina_opts="${catalina_opts} -Dkms.http.port=${KMS_HTTP_PORT}"; catalina_opts="${catalina_opts} -Dkms.http.port=${KMS_HTTP_PORT}";
catalina_opts="${catalina_opts} -Dkms.max.threads=${KMS_MAX_THREADS}"; catalina_opts="${catalina_opts} -Dkms.max.threads=${KMS_MAX_THREADS}";
catalina_opts="${catalina_opts} -Dkms.max.http.header.size=${KMS_MAX_HTTP_HEADER_SIZE}";
catalina_opts="${catalina_opts} -Dkms.ssl.keystore.file=${KMS_SSL_KEYSTORE_FILE}"; catalina_opts="${catalina_opts} -Dkms.ssl.keystore.file=${KMS_SSL_KEYSTORE_FILE}";
catalina_opts="${catalina_opts} -Djava.library.path=${JAVA_LIBRARY_PATH}"; catalina_opts="${catalina_opts} -Djava.library.path=${JAVA_LIBRARY_PATH}";

View File

@ -75,7 +75,8 @@
<Connector port="${kms.http.port}" protocol="HTTP/1.1" <Connector port="${kms.http.port}" protocol="HTTP/1.1"
maxThreads="${kms.max.threads}" maxThreads="${kms.max.threads}"
connectionTimeout="20000" connectionTimeout="20000"
redirectPort="8443"/> redirectPort="8443"
maxHttpHeaderSize="${kms.max.http.header.size}"/>
<!-- A "Connector" using the shared thread pool--> <!-- A "Connector" using the shared thread pool-->
<!-- <!--
<Connector executor="tomcatThreadPool" <Connector executor="tomcatThreadPool"

View File

@ -70,6 +70,7 @@
described in the APR documentation --> described in the APR documentation -->
<Connector port="${kms.http.port}" protocol="HTTP/1.1" SSLEnabled="true" <Connector port="${kms.http.port}" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="${kms.max.threads}" scheme="https" secure="true" maxThreads="${kms.max.threads}" scheme="https" secure="true"
maxHttpHeaderSize="${kms.max.http.header.size}"
clientAuth="false" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2,SSLv2Hello" clientAuth="false" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2,SSLv2Hello"
truststorePass="_kms_ssl_truststore_pass_" truststorePass="_kms_ssl_truststore_pass_"
keystoreFile="${kms.ssl.keystore.file}" keystoreFile="${kms.ssl.keystore.file}"

View File

@ -120,6 +120,7 @@ The following environment variables (which can be set in KMS's `etc/hadoop/kms-e
* KMS_HTTP_PORT * KMS_HTTP_PORT
* KMS_ADMIN_PORT * KMS_ADMIN_PORT
* KMS_MAX_THREADS * KMS_MAX_THREADS
* KMS_MAX_HTTP_HEADER_SIZE
* KMS_LOGNOTE: You need to restart the KMS for the configuration changes to take effect. * KMS_LOGNOTE: You need to restart the KMS for the configuration changes to take effect.
$H3 Loading native libraries $H3 Loading native libraries