hadoop-hdfs-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Zhang <zjf...@gmail.com>
Subject Re: SIMPLE authentication is not enabled. Available:[TOKEN]
Date Sun, 16 Mar 2014 07:10:17 GMT
Hi Oleg,

I meet the same issue when I start an unmanaged AM in client side in thread
way. The issue is in the code of hadoop-common-yarn. You could try to use
the code of hadoop-common-yarn of 2.3 instead of 2.2  This resolve my
problem at least.




On Sun, Mar 16, 2014 at 5:56 AM, Oleg Zhurakousky <
oleg.zhurakousky@gmail.com> wrote:

> The bug you referring to is this i think
>
> https://issues.apache.org/jira/browse/YARN-945
>
> . . . and is not really the issue in my case, since my IPv6 is disabled.
>
> What I really want to know is why TOKEN is hard coded in ipc Server. I
> can't wait to hear the argument ;)
>
>
> Anyway, thanks for reply.
>
> Oleg
>
>
>
>
> On Sat, Mar 15, 2014 at 5:19 PM, Edward Capriolo <edlinuxguru@gmail.com>wrote:
>
>> There was a bug around this message that was fixed. I found another bug I
>> forgot to report. If your system is using ipv6 yarn get get confused over
>> the source/destination ips and throw this message at you. You can go in
>> your configuration files and specific a specfic address to bind. You can
>> also go into your hostfile and ensure localhost does not refer to an ipv6
>> address. Java also has a -D switch like preferIPV4 or something like that.
>>
>>
>> On Sat, Mar 15, 2014 at 4:18 PM, Oleg Zhurakousky <
>> oleg.zhurakousky@gmail.com> wrote:
>>
>>> So here is my dilemma.
>>>
>>> I am trying to register ApplicationMaster to a remote YARN cluster and I
>>> get
>>>
>>> Caused by:
>>> org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.AccessControlException):
>>> SIMPLE authentication is not enabled.  Available:[TOKEN]
>>>
>>> at org.apache.hadoop.ipc.Client.call(Client.java:1406)
>>>
>>> at org.apache.hadoop.ipc.Client.call(Client.java:1359)
>>>
>>> at org.apache.hadoop.ipc.ProtobufRpcEngine$Invoker.invoke(
>>> ProtobufRpcEngine.java:206)
>>>
>>> at com.sun.proxy.$Proxy7.registerApplicationMaster(Unknown Source)
>>>
>>> at
>>> org.apache.hadoop.yarn.api.impl.pb.client.ApplicationMasterProtocolPBClientImpl.registerApplicationMaster(
>>> ApplicationMasterProtocolPBClientImpl.java:106)
>>> My security is explicitly set to SIMPLE and I can see it in my logs:
>>>
>>> org.apache.hadoop.ipc.Server: Server accepts auth methods:[TOKEN, SIMPLE]
>>>
>>> What is unclear is why [TOKEN] get's there and when I say unclear, its
>>> actually very clear from the ipc Server code. The real question is why
>>> TOKEN is hard coded there in the first place for the cases when Secret
>>> Manager is present. Which also raises another question; How to disable
>>> Secret Manager.
>>>
>>> Cheers
>>> Oleg
>>>
>>>
>>
>


-- 
Best Regards

Jeff Zhang

Mime
View raw message