You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Ajay Kumar (JIRA)" <ji...@apache.org> on 2018/01/08 18:26:00 UTC

[jira] [Comment Edited] (HADOOP-14969) Improve diagnostics in secure DataNode startup

    [ https://issues.apache.org/jira/browse/HADOOP-14969?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16312079#comment-16312079 ] 

Ajay Kumar edited comment on HADOOP-14969 at 1/8/18 6:25 PM:
-------------------------------------------------------------

Added initial patch for review. [~arpitagarwal],[~stevel@apache.org] could you please have a look. Error message points to existing documentation for secure datanode in error message. (i.e [https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/SecureMode.html#Secure_DataNode] )


was (Author: ajayydv):
Added initial patch for review. [~arpitagarwal],[~stevel@apache.org] could you please have a look. Error message points to existing documentation for secure datanode in error message. (i.e https://hadoop.apache.org/docs/current/hadoop-project-dist/ )

> Improve diagnostics in secure DataNode startup
> ----------------------------------------------
>
>                 Key: HADOOP-14969
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14969
>             Project: Hadoop Common
>          Issue Type: Improvement
>            Reporter: Ajay Kumar
>            Assignee: Ajay Kumar
>         Attachments: HADOOP-14969.001.patch
>
>
> When DN secure mode configuration is incorrect, it throws the following exception from Datanode#checkSecureConfig
> {code}
>   private static void checkSecureConfig(DNConf dnConf, Configuration conf,
>       SecureResources resources) throws RuntimeException {
>     if (!UserGroupInformation.isSecurityEnabled()) {
>       return;
>     }
> ...
>     throw new RuntimeException("Cannot start secure DataNode without " +
>       "configuring either privileged resources or SASL RPC data transfer " +
>       "protection and SSL for HTTP.  Using privileged resources in " +
>       "combination with SASL RPC data transfer protection is not supported.");
> {code}
> The DN should print more useful diagnostics as to what exactly what went wrong.
> Also when starting secure DN with resources then the startup scripts should launch the SecureDataNodeStarter class. If no SASL is configured and SecureDataNodeStarter is not used, then we could mention that too.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org