HDFS-13492. Limit httpfs binds to certain IP addresses in branch-2. Contributed by Wei-Chiu Chuang.

2018-04-26 09:55:03 -07:00 · 2018-04-26 09:55:03 -07:00 · a5fc638235
parent 33ffc96085
commit a5fc638235
3 changed files with 6 additions and 3 deletions
--- a/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/main/tomcat/server.xml
+++ b/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/main/tomcat/server.xml
@ -69,7 +69,8 @@
         APR (HTTP/AJP) Connector: /docs/apr.html
         Define a non-SSL HTTP/1.1 Connector on port ${httpfs.http.port}
    -->
-    <Connector port="${httpfs.http.port}" protocol="HTTP/1.1"
+    <Connector address="${httpfs.http.hostname}"
+               port="${httpfs.http.port}" protocol="HTTP/1.1"
               connectionTimeout="20000"
               maxHttpHeaderSize="${httpfs.max.http.header.size}"
               redirectPort="8443"/>
--- a/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/main/tomcat/ssl-server.xml
+++ b/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/main/tomcat/ssl-server.xml
@ -68,7 +68,8 @@
         This connector uses the JSSE configuration, when using APR, the
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
-    <Connector port="${httpfs.http.port}" protocol="HTTP/1.1" SSLEnabled="true"
+    <Connector address="${httpfs.http.hostname}"
+               port="${httpfs.http.port}" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               maxHttpHeaderSize="${httpfs.max.http.header.size}"
               clientAuth="${httpfs.ssl.client.auth}"
--- a/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/site/markdown/ServerSetup.md.vm
+++ b/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/site/markdown/ServerSetup.md.vm
@ -72,13 +72,14 @@ Embedded Tomcat Configuration

 To configure the embedded Tomcat go to the `tomcat/conf`.

-HttpFS preconfigures the HTTP and Admin ports in Tomcat's `server.xml` to 14000 and 14001.
+HttpFS preconfigures the HTTP and Admin ports in Tomcat's `server.xml` to 14000 and 14001, and it binds to all IP addresses on the host.

 Tomcat logs are also preconfigured to go to HttpFS's `logs/` directory.

 HttpFS default value for the maxHttpHeaderSize parameter in Tomcat's `server.xml` is set to 65536 by default.

 The following environment variables (which can be set in HttpFS's `etc/hadoop/httpfs-env.sh` script) can be used to alter those values:
+* HTTPFS\_HTTP\_HOSTNAME

 * HTTPFS\_HTTP\_PORT