Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 7FE14200C3A for ; Fri, 31 Mar 2017 22:39:46 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 7E4ED160B7C; Fri, 31 Mar 2017 20:39:46 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id C6858160B80 for ; Fri, 31 Mar 2017 22:39:45 +0200 (CEST) Received: (qmail 41881 invoked by uid 500); 31 Mar 2017 20:39:45 -0000 Mailing-List: contact issues-help@hbase.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list issues@hbase.apache.org Received: (qmail 41868 invoked by uid 99); 31 Mar 2017 20:39:44 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 31 Mar 2017 20:39:44 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 8F32E1A08E0 for ; Fri, 31 Mar 2017 20:39:44 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -98.701 X-Spam-Level: X-Spam-Status: No, score=-98.701 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, KAM_NUMSUBJECT=0.5, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_RED=0.001, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id V1Nd7QjlLFQC for ; Fri, 31 Mar 2017 20:39:43 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 3389D5FC84 for ; Fri, 31 Mar 2017 20:39:43 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 559ECE0A75 for ; Fri, 31 Mar 2017 20:39:42 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id AD84721DE0 for ; Fri, 31 Mar 2017 20:39:41 +0000 (UTC) Date: Fri, 31 Mar 2017 20:39:41 +0000 (UTC) From: "Yi Liang (JIRA)" To: issues@hbase.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (HBASE-17861) Regionserver down when checking the permission of staging dir if hbase.rootdir is on S3 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Fri, 31 Mar 2017 20:39:46 -0000 [ https://issues.apache.org/jira/browse/HBASE-17861?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Yi Liang updated HBASE-17861: ----------------------------- Description: Found some issue, when set up HBASE-17437: Support specifying a WAL directory outside of the root directory. The region server are showdown when I add following config into hbase-site.xml hbase.rootdir = hdfs://xx/xx hbase.wal.dir = s3a://xx//xx hbase.coprocessor.region.classes = org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint Error is below {noformat} org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint threw java.lang.IllegalStateException: Directory already exists but permissions aren't set to '-rwx--x--x' {noformat} The reason is that, when hbase enable securebulkload, hbase will create a folder in s3, it can not set above permission, because in s3, all files are listed as having full read/write permissions and all directories appear to have full rwx permissions. See Object stores have differerent authorization models in https://hadoop.apache.org/docs/current3/hadoop-aws/tools/hadoop-aws/index.html was: Found some issue, when set up HBASE-17437: Support specifying a WAL directory outside of the root directory. The region server are showdown when I add following config into hbase-site.xml hbase.rootdir = hdfs://xx/xx hbase.wal.dir = s3a://xx//xx hbase.coprocessor.region.classes = org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint Error is below {noformat} org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint threw java.lang.IllegalStateException: Directory already exists but permissions aren't set to '-rwx--x--x' {noformat} The reason is that, when hbase enable securebulkload, hbase will create a folder in s3, it can not set above permission, because in s3, all files are listed as having full read/write permissions and all directories appear to have full rwx permissions. See simulated permission section in https://docs.hortonworks.com/HDPDocuments/HDCloudAWS/HDCloudAWS-1.8.0/bk_hdcloud-aws/content/s3-s3aclient/index.html > Regionserver down when checking the permission of staging dir if hbase.rootdir is on S3 > --------------------------------------------------------------------------------------- > > Key: HBASE-17861 > URL: https://issues.apache.org/jira/browse/HBASE-17861 > Project: HBase > Issue Type: Bug > Affects Versions: 1.4.0 > Reporter: Yi Liang > Assignee: Yi Liang > Labels: filesystem, s3, wal > Fix For: 1.4.0 > > Attachments: HBASE-17861-V1.patch > > > Found some issue, when set up HBASE-17437: Support specifying a WAL directory outside of the root directory. > The region server are showdown when I add following config into hbase-site.xml > hbase.rootdir = hdfs://xx/xx > hbase.wal.dir = s3a://xx//xx > hbase.coprocessor.region.classes = org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint > Error is below > {noformat} > org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint threw java.lang.IllegalStateException: Directory already exists but permissions aren't set to '-rwx--x--x' > {noformat} > The reason is that, when hbase enable securebulkload, hbase will create a folder in s3, it can not set above permission, because in s3, all files are listed as having full read/write permissions and all directories appear to have full rwx permissions. See Object stores have differerent authorization models in https://hadoop.apache.org/docs/current3/hadoop-aws/tools/hadoop-aws/index.html -- This message was sent by Atlassian JIRA (v6.3.15#6346)