hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Arun Suresh (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-7935) Support multi-homed networks when Kerberos security is enabled
Date Mon, 16 Mar 2015 21:22:39 GMT

    [ https://issues.apache.org/jira/browse/HDFS-7935?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14363976#comment-14363976
] 

Arun Suresh commented on HDFS-7935:
-----------------------------------

Im running Hadoop 2.6.0, I still get this when trying to start NN in HA though

{noformat}
2015-03-14 20:34:35,197 ERROR org.apache.hadoop.hdfs.server.namenode.NameNode: Error encountered
requiring NN shutdown. Shutting down immediately.
java.io.IOException: Cannot use a wildcard address with security. Must explicitly set bind
address for Kerberos
	at org.apache.hadoop.hdfs.DFSUtil.substituteForWildcardAddress(DFSUtil.java:1177)
	at org.apache.hadoop.hdfs.DFSUtil.getInfoServerWithDefaultHost(DFSUtil.java:1138)
	at org.apache.hadoop.hdfs.server.namenode.ha.StandbyCheckpointer.getHttpAddress(StandbyCheckpointer.java:116)
	at org.apache.hadoop.hdfs.server.namenode.ha.StandbyCheckpointer.setNameNodeAddresses(StandbyCheckpointer.java:100)
	at org.apache.hadoop.hdfs.server.namenode.ha.StandbyCheckpointer.<init>(StandbyCheckpointer.java:90)
	at org.apache.hadoop.hdfs.server.namenode.FSNamesystem.startStandbyServices(FSNamesystem.java:1353)
	at org.apache.hadoop.hdfs.server.namenode.NameNode$NameNodeHAContext.startStandbyServices(NameNode.java:1728)
	at org.apache.hadoop.hdfs.server.namenode.ha.StandbyState.enterState(StandbyState.java:58)
	at org.apache.hadoop.hdfs.server.namenode.NameNode.<init>(NameNode.java:812)
	at org.apache.hadoop.hdfs.server.namenode.NameNode.<init>(NameNode.java:792)
{noformat}

And I have the following properties in *hdfs-site.xml*

{noformat}
 <property>
    <name>dfs.namenode.servicerpc-address.nameservice1.namenode14</name>
    <value>0.0.0.0:8022</value>
  </property>
 <property>
    <name>dfs.namenode.http-address.nameservice1.namenode14</name>
    <value>0.0.0.0:20101</value>
  </property>
  <property>
    <name>dfs.namenode.https-address.nameservice1.namenode14</name>
    <value>0.0.0.0:20102</value>
  </property>
{noformat}

So looks like 

> Support multi-homed networks when Kerberos security is enabled
> --------------------------------------------------------------
>
>                 Key: HDFS-7935
>                 URL: https://issues.apache.org/jira/browse/HDFS-7935
>             Project: Hadoop HDFS
>          Issue Type: Bug
>            Reporter: Arun Suresh
>            Assignee: Arun Suresh
>
> Currently, during SASL negotiation stage between ipc Client and Server, The server sends
only a single serviceId (curresponding to a single principal) to the client. This is the principal
the the server process is logged in as during startup.
> It is possible that in a multi-homed network, the server might be associated with more
than one principal, and thus severs must provide the clients all possible principals it can
use to connect to.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message