[HDFS-15383] RBF: Disable watch in ZKDelegationSecretManager for performance - ASF JIRA

Log work

Agile Board

Rank to Top

Rank to Bottom

Attach files

Attach Screenshot

Bulk Copy Attachments

Bulk Move Attachments

Voters

Stop watching

Watchers

Create sub-task

Convert to sub-task

Move

Link

Clone

Labels

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 3.4.0, 3.3.6
Fix Version/s: 3.4.0, 3.3.6
Component/s: rbf
Labels:
- pull-request-available

Target Version/s:

3.4.0, 3.3.6
Hadoop Flags:

Reviewed

Description

Based on the current design for delegation token in secure Router, the total number of watches for tokens is the product of number of routers and number of tokens, this is due to ZKDelegationTokenManager is using PathChildrenCache from curator, which automatically sets the watch and ZK will push the sync information to each router. There are some evaluations about the number of watches in Zookeeper has negative performance impact to Zookeeper server.

In our practice when the number of watches exceeds 1.2 Million in a single ZK server there will be significant ZK performance degradation. Thus this ticket is to rewrite ZKDelegationTokenManagerImpl.java to explicitly disable the PathChildrenCache and have Routers sync periodically from Zookeeper. This has been working fine at the scale of 10 Routers with 2 million tokens.