You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Xiao Chen (JIRA)" <ji...@apache.org> on 2016/10/07 19:43:20 UTC

[jira] [Updated] (HADOOP-13698) Document caveat for KeyShell when underlying KeyProvider does not delete a key

     [ https://issues.apache.org/jira/browse/HADOOP-13698?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Xiao Chen updated HADOOP-13698:
-------------------------------
    Attachment: HADOOP-13698.01.patch

> Document caveat for KeyShell when underlying KeyProvider does not delete a key
> ------------------------------------------------------------------------------
>
>                 Key: HADOOP-13698
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13698
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: documentation, kms
>    Affects Versions: 2.8.0
>            Reporter: Xiao Chen
>            Assignee: Xiao Chen
>            Priority: Minor
>              Labels: supportability
>         Attachments: HADOOP-13698.01.patch
>
>
> For cases like:
> {noformat}
> $ hadoop key create d
> d has not been created. java.io.IOException: HTTP status [500], exception [DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
> java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
> 	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747)
> 	at org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506)
> 	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
> 	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
> 	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
> $ hadoop key delete d
> You are about to DELETE all versions of  key d from KeyProvider KMSClientProvider[http://localhost:16000/kms/v1/]. Continue?  (Y or N) Y
> Deleting key: d from KeyProvider: KMSClientProvider[http://localhost:16000/kms/v1/]
> d has not been deleted. java.io.IOException: Key named d was already deleted but is disabled. Use purge to destroy all traces or undelete to reactivate.
> java.io.IOException: Key named d was already deleted but is disabled. Use purge to destroy all traces or undelete to reactivate.
> 	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> 	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
> 	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> 	at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
> 	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:157)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.deleteKey(KMSClientProvider.java:877)
> 	at org.apache.hadoop.crypto.key.KeyShell$DeleteCommand.execute(KeyShell.java:436)
> 	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
> 	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
> 	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
> $ hadoop key create d
> d has not been created. java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
> java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
> 	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739)
> 	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747)
> 	at org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506)
> 	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
> 	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
> 	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org