hadoop-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Arpit Gupta <ar...@hortonworks.com>
Subject Re: Failed To Start SecondaryNameNode in Secure Mode
Date Tue, 27 Nov 2012 16:57:20 GMT
Hi AC,

Do you have the following property defined in your hdfs-site.xml

<property>
<name>dfs.secondary.namenode.kerberos.internal.spnego.principal</name>
<value>HTTP/_HOST@REALM</value>
</property>

and this principal needs to be available in your /etc/hadoop/hadoop.keytab. From the logs
it looks like you only have the following configured "dfs.secondary.namenode.kerberos.principal"


--
Arpit Gupta
Hortonworks Inc.
http://hortonworks.com/

On Nov 27, 2012, at 6:14 AM, "ac@hsk.hk" <ac@hsk.hk> wrote:

> Hi,
> 
> Please help!
> 
> I tried to start SecondaryNameNode in secure mode by the command: {$HADOOP_HOME}bin/hadoop-daemon.sh
start secondarynamenode
> 
> 1) from the log, I saw "Login successful" 
> 	************************************************************/
> 	2012-11-27 22:05:23,120 INFO org.apache.hadoop.security.UserGroupInformation: Login
successful for user ......
> 	2012-11-27 22:05:23,246 INFO org.apache.hadoop.hdfs.server.namenode.SecondaryNameNode:
SHUTDOWN_MSG:
> 	/************************************************************
> 	SHUTDOWN_MSG: Shutting down SecondaryNameNode at ......
> 	************************************************************/
> 
> 
> 2) However, from the command line, I saw 
> 	$ {$HADOOP_HOME}/bin/hadoop-daemon.sh start secondarynamenode
> 	Warning: $HADOOP_HOME is deprecated.
> 	starting secondarynamenode, logging to /usr/local/hadoop-1.0.4/libexec/../logs/hadoop-hduser-secondarynamenode-m146.out
> 	Exception in thread "main" java.io.IOException: Login failure for null from keytab /etc/hadoop/hadoop.keytab
> 		at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytabAndReturnUGI(UserGroupInformation.java:716)
> 		at org.apache.hadoop.hdfs.server.namenode.SecondaryNameNode.initialize(SecondaryNameNode.java:183)
> 		at org.apache.hadoop.hdfs.server.namenode.SecondaryNameNode.<init>(SecondaryNameNode.java:129)
> 		at org.apache.hadoop.hdfs.server.namenode.SecondaryNameNode.main(SecondaryNameNode.java:567)
> 	Caused by: javax.security.auth.login.LoginException: Unable to obtain Princpal Name
for authentication 
> 		at com.sun.security.auth.module.Krb5LoginModule.promptForName(Krb5LoginModule.java:733)
> 		at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:629)
> 		at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
> 		at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 
> 
> There is no secondarynamenode process if I use JPS to check 
> 
> QUESTION: Any idea where I am wrong?
> 
> 
> Thanks
> ac
> 
> 
> 


Mime
View raw message