HADOOP-12764. Increase default value of KMX maxHttpHeaderSize and make it configurable.

Change-Id: I6e970563c201152e1428feafb8124e61c15a6fc0

hadoop-common-project/hadoop-common/CHANGES.txt

@@ -1111,6 +1111,9 @@ Release 2.8.0 - UNRELEASED
     HADOOP-12752. Improve diagnostics/use of envvar/sysprop credential
     propagation (Steve Loughran via cnauroth)
 
+    HADOOP-12764. Increase default value of KMX maxHttpHeaderSize and make it
+    configurable. (zhz)
+
   OPTIMIZATIONS
 
     HADOOP-11785. Reduce the number of listStatus operation in distcp

hadoop-common-project/hadoop-common/src/main/bin/hadoop-functions.sh

@@ -1221,6 +1221,7 @@ function hadoop_finalize_catalina_opts
   hadoop_add_param CATALINA_OPTS "${prefix}.admin.port" "-D${prefix}.admin.port=${HADOOP_CATALINA_ADMIN_PORT}"
   hadoop_add_param CATALINA_OPTS "${prefix}.http.port" "-D${prefix}.http.port=${HADOOP_CATALINA_HTTP_PORT}"
   hadoop_add_param CATALINA_OPTS "${prefix}.max.threads" "-D${prefix}.max.threads=${HADOOP_CATALINA_MAX_THREADS}"
+  hadoop_add_param CATALINA_OPTS "${prefix}.max.http.header.size" "-D${prefix}.max.http.header.size=${HADOOP_CATALINA_MAX_HTTP_HEADER_SIZE}"
   hadoop_add_param CATALINA_OPTS "${prefix}.ssl.keystore.file" "-D${prefix}.ssl.keystore.file=${HADOOP_CATALINA_SSL_KEYSTORE_FILE}"
 }
 

hadoop-common-project/hadoop-kms/src/main/conf/kms-env.sh

@@ -34,6 +34,10 @@
 #
 # export KMS_MAX_THREADS=1000
 
+# The maximum size of Tomcat HTTP header
+#
+# export KMS_MAX_HTTP_HEADER_SIZE=65536
+
 # The location of the SSL keystore if using SSL
 #
 # export KMS_SSL_KEYSTORE_FILE=${HOME}/.keystore

hadoop-common-project/hadoop-kms/src/main/libexec/kms-config.sh

@@ -40,6 +40,7 @@ function hadoop_subproject_init
   export HADOOP_CATALINA_HTTP_PORT="${KMS_HTTP_PORT:-16000}"
   export HADOOP_CATALINA_ADMIN_PORT="${KMS_ADMIN_PORT:-$((HADOOP_CATALINA_HTTP_PORT+1))}"
   export HADOOP_CATALINA_MAX_THREADS="${KMS_MAX_THREADS:-1000}"
+  export HADOOP_CATALINA_MAX_HTTP_HEADER_SIZE="${KMS_MAX_HTTP_HEADER_SIZE:-65536}"
 
   export HADOOP_CATALINA_SSL_KEYSTORE_FILE="${KMS_SSL_KEYSTORE_FILE:-${HOME}/.keystore}"
 

hadoop-common-project/hadoop-kms/src/main/tomcat/server.xml

@@ -75,7 +75,8 @@
     <Connector port="${kms.http.port}" protocol="HTTP/1.1"
                maxThreads="${kms.max.threads}"
                connectionTimeout="20000"
-               redirectPort="8443"/>
+               redirectPort="8443"
+               maxHttpHeaderSize="${kms.max.http.header.size}"/>
     <!-- A "Connector" using the shared thread pool-->
     <!--
     <Connector executor="tomcatThreadPool"

hadoop-common-project/hadoop-kms/src/main/tomcat/ssl-server.xml.conf

@@ -70,6 +70,7 @@
          described in the APR documentation -->
     <Connector port="${kms.http.port}" protocol="HTTP/1.1" SSLEnabled="true"
                maxThreads="${kms.max.threads}" scheme="https" secure="true"
+               maxHttpHeaderSize="${kms.max.http.header.size}"
                clientAuth="false" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2,SSLv2Hello"
                truststorePass="_kms_ssl_truststore_pass_"
                keystoreFile="${kms.ssl.keystore.file}"

hadoop-common-project/hadoop-kms/src/site/markdown/index.md.vm

@@ -120,6 +120,7 @@ The following environment variables (which can be set in KMS's `etc/hadoop/kms-e
 * KMS_HTTP_PORT
 * KMS_ADMIN_PORT
 * KMS_MAX_THREADS
+* KMS_MAX_HTTP_HEADER_SIZE
 * KMS_LOGNOTE: You need to restart the KMS for the configuration changes to take effect.
 
 $H3 Loading native libraries