hadoop-hdfs-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Zhurakousky <oleg.zhurakou...@gmail.com>
Subject Re: SIMPLE authentication is not enabled. Available:[TOKEN]
Date Sat, 15 Mar 2014 21:56:03 GMT
The bug you referring to is this i think


. . . and is not really the issue in my case, since my IPv6 is disabled.

What I really want to know is why TOKEN is hard coded in ipc Server. I
can't wait to hear the argument ;)

Anyway, thanks for reply.


On Sat, Mar 15, 2014 at 5:19 PM, Edward Capriolo <edlinuxguru@gmail.com>wrote:

> There was a bug around this message that was fixed. I found another bug I
> forgot to report. If your system is using ipv6 yarn get get confused over
> the source/destination ips and throw this message at you. You can go in
> your configuration files and specific a specfic address to bind. You can
> also go into your hostfile and ensure localhost does not refer to an ipv6
> address. Java also has a -D switch like preferIPV4 or something like that.
> On Sat, Mar 15, 2014 at 4:18 PM, Oleg Zhurakousky <
> oleg.zhurakousky@gmail.com> wrote:
>> So here is my dilemma.
>> I am trying to register ApplicationMaster to a remote YARN cluster and I
>> get
>> Caused by:
>> org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.AccessControlException):
>> SIMPLE authentication is not enabled.  Available:[TOKEN]
>> at org.apache.hadoop.ipc.Client.call(Client.java:1406)
>> at org.apache.hadoop.ipc.Client.call(Client.java:1359)
>> at org.apache.hadoop.ipc.ProtobufRpcEngine$Invoker.invoke(
>> ProtobufRpcEngine.java:206)
>> at com.sun.proxy.$Proxy7.registerApplicationMaster(Unknown Source)
>> at
>> org.apache.hadoop.yarn.api.impl.pb.client.ApplicationMasterProtocolPBClientImpl.registerApplicationMaster(
>> ApplicationMasterProtocolPBClientImpl.java:106)
>> My security is explicitly set to SIMPLE and I can see it in my logs:
>> org.apache.hadoop.ipc.Server: Server accepts auth methods:[TOKEN, SIMPLE]
>> What is unclear is why [TOKEN] get's there and when I say unclear, its
>> actually very clear from the ipc Server code. The real question is why
>> TOKEN is hard coded there in the first place for the cases when Secret
>> Manager is present. Which also raises another question; How to disable
>> Secret Manager.
>> Cheers
>> Oleg

View raw message