hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Loughran (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-14969) Improve diagnostics in secure DataNode startup
Date Fri, 12 Jan 2018 11:25:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-14969?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16323840#comment-16323840

Steve Loughran commented on HADOOP-14969:

I'd prefer IOEs to get thrown, its what more things expect and catch.

I know that{{checkSecureConfig}} doesn't throw IOEs, but as it is only called from the DN
constructor, it's easy to add and nothing can break 

> Improve diagnostics in secure DataNode startup
> ----------------------------------------------
>                 Key: HADOOP-14969
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14969
>             Project: Hadoop Common
>          Issue Type: Improvement
>            Reporter: Ajay Kumar
>            Assignee: Ajay Kumar
>         Attachments: HADOOP-14969.001.patch, HADOOP-14969.002.patch, HADOOP-14969.003.patch,
> When DN secure mode configuration is incorrect, it throws the following exception from
> {code}
>   private static void checkSecureConfig(DNConf dnConf, Configuration conf,
>       SecureResources resources) throws RuntimeException {
>     if (!UserGroupInformation.isSecurityEnabled()) {
>       return;
>     }
> ...
>     throw new RuntimeException("Cannot start secure DataNode without " +
>       "configuring either privileged resources or SASL RPC data transfer " +
>       "protection and SSL for HTTP.  Using privileged resources in " +
>       "combination with SASL RPC data transfer protection is not supported.");
> {code}
> The DN should print more useful diagnostics as to what exactly what went wrong.
> Also when starting secure DN with resources then the startup scripts should launch the
SecureDataNodeStarter class. If no SASL is configured and SecureDataNodeStarter is not used,
then we could mention that too.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org

View raw message