hadoop-mapreduce-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Zhurakousky <oleg.zhurakou...@gmail.com>
Subject Re: SIMPLE authentication is not enabled. Available:[TOKEN]
Date Sat, 15 Mar 2014 21:56:03 GMT
The bug you referring to is this i think

https://issues.apache.org/jira/browse/YARN-945

. . . and is not really the issue in my case, since my IPv6 is disabled.

What I really want to know is why TOKEN is hard coded in ipc Server. I
can't wait to hear the argument ;)


Anyway, thanks for reply.

Oleg




On Sat, Mar 15, 2014 at 5:19 PM, Edward Capriolo <edlinuxguru@gmail.com>wrote:

> There was a bug around this message that was fixed. I found another bug I
> forgot to report. If your system is using ipv6 yarn get get confused over
> the source/destination ips and throw this message at you. You can go in
> your configuration files and specific a specfic address to bind. You can
> also go into your hostfile and ensure localhost does not refer to an ipv6
> address. Java also has a -D switch like preferIPV4 or something like that.
>
>
> On Sat, Mar 15, 2014 at 4:18 PM, Oleg Zhurakousky <
> oleg.zhurakousky@gmail.com> wrote:
>
>> So here is my dilemma.
>>
>> I am trying to register ApplicationMaster to a remote YARN cluster and I
>> get
>>
>> Caused by:
>> org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.AccessControlException):
>> SIMPLE authentication is not enabled.  Available:[TOKEN]
>>
>> at org.apache.hadoop.ipc.Client.call(Client.java:1406)
>>
>> at org.apache.hadoop.ipc.Client.call(Client.java:1359)
>>
>> at org.apache.hadoop.ipc.ProtobufRpcEngine$Invoker.invoke(
>> ProtobufRpcEngine.java:206)
>>
>> at com.sun.proxy.$Proxy7.registerApplicationMaster(Unknown Source)
>>
>> at
>> org.apache.hadoop.yarn.api.impl.pb.client.ApplicationMasterProtocolPBClientImpl.registerApplicationMaster(
>> ApplicationMasterProtocolPBClientImpl.java:106)
>> My security is explicitly set to SIMPLE and I can see it in my logs:
>>
>> org.apache.hadoop.ipc.Server: Server accepts auth methods:[TOKEN, SIMPLE]
>>
>> What is unclear is why [TOKEN] get's there and when I say unclear, its
>> actually very clear from the ipc Server code. The real question is why
>> TOKEN is hard coded there in the first place for the cases when Secret
>> Manager is present. Which also raises another question; How to disable
>> Secret Manager.
>>
>> Cheers
>> Oleg
>>
>>
>

Mime
View raw message