hadoop-hdfs-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marc Sturm" <mas9...@nyp.org>
Subject setting up https in hdfs-site.xml
Date Thu, 24 May 2012 20:31:51 GMT
Hi All,

I would like to setup https so a user is required to authenticate to browse the filesystem
and look at dfshealth. Right now, we are just starting to get familiar with hadoop hdfs and
MR on a pseudo distributed environment.

My understanding is that I have to change the hdfs-site.xml properties to:
dfs.https.enable=true
dfs.client.https.need-auth=true
I left the default ones for the two https addresses.

I also created the two ssl-client.xml and ssl-server.xml files with the truststore and keystore
locations, password and type.

When I try to start the namenode it fails with the following error in the log:
2012-05-24 16:10:54,943 ERROR org.apache.hadoop.hdfs.server.namenode.NameNode: java.lang.IllegalArgumentException:
Does not contain a valid host:port authority: 0.0.0.0:0.0.0.0:0
        at org.apache.hadoop.net.NetUtils.createSocketAddr(NetUtils.java:162)
        at org.apache.hadoop.net.NetUtils.createSocketAddr(NetUtils.java:128)
        at org.apache.hadoop.hdfs.server.namenode.NameNode$1.run(NameNode.java:406)
        at org.apache.hadoop.hdfs.server.namenode.NameNode$1.run(NameNode.java:353)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.Subject.doAs(Subject.java:396)
        at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1093)
        at org.apache.hadoop.hdfs.server.namenode.NameNode.startHttpServer(NameNode.java:353)
        at org.apache.hadoop.hdfs.server.namenode.NameNode.initialize(NameNode.java:305)
        at org.apache.hadoop.hdfs.server.namenode.NameNode.<init>(NameNode.java:496)
        at org.apache.hadoop.hdfs.server.namenode.NameNode.createNameNode(NameNode.java:1279)
        at org.apache.hadoop.hdfs.server.namenode.NameNode.main(NameNode.java:1288)

If I reverse back dfs.https.enable to false, everything works fine.

So I just would like to know if I am doing to right thing, and if anyone has faced the same
issue... or done it successfully.

Thanks,
Marc

________________________________
This electronic message is intended to be for the use only of the named recipient, and may
contain information that is confidential or privileged. If you are not the intended recipient,
you are hereby notified that any disclosure, copying, distribution or use of the contents
of this message is strictly prohibited. If you have received this message in error or are
not the named recipient, please notify us immediately by contacting the sender at the electronic
mail address noted above, and delete and destroy all copies of this message. Thank you.


--------------------

This electronic message is intended to be for the use only of the named recipient, and may
contain information that is confidential or privileged.  If you are not the intended recipient,
you are hereby notified that any disclosure, copying, distribution or use of the contents
of this message is strictly prohibited.  If you have received this message in error or are
not the named recipient, please notify us immediately by contacting the sender at the electronic
mail address noted above, and delete and destroy all copies of this message.  Thank you.




--------------------

This electronic message is intended to be for the use only of the named recipient, and may
contain information that is confidential or privileged.  If you are not the intended recipient,
you are hereby notified that any disclosure, copying, distribution or use of the contents
of this message is strictly prohibited.  If you have received this message in error or are
not the named recipient, please notify us immediately by contacting the sender at the electronic
mail address noted above, and delete and destroy all copies of this message.  Thank you.




Mime
View raw message