Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
2.0.0
-
None
Description
1. build a two node cluster, with 1 ZK (everything on c6401). c6402 should only have DN, NM and clients
2. Then add a host c6403 with just DN, NM and clients
3. Then add two ZKs (to c6402 and c6403)
4. Then enable kerb.
5. Then try to enable namenode HA.
Result:
JournalNodes start fails.
During enabling HA journalnode "kerberos configs" were added to hdfs-site.xml:
[root@c6401 data]# grep -ri "dfs.journalnode.kerberos.internal.spnego.principal" * command-175.json: "dfs.journalnode.kerberos.internal.spnego.principal": "HTTP/_HOST@EXAMPLE.COM", command-179.json: "dfs.journalnode.kerberos.internal.spnego.principal": "HTTP/_HOST@EXAMPLE.COM", command-184.json: "dfs.journalnode.kerberos.internal.spnego.principal": "HTTP/_HOST@EXAMPLE.COM",
But when JNs were stating those configurations have not been in hdfs-site.xml and command.json.
[root@c6401 data]# grep -ri "dfs.journalnode.kerberos.internal.spnego.principal" command-188.json [root@c6401 data]#
Exception in thread "main" java.io.IOException: Running in secure mode, but config doesn't have a keytab
at org.apache.hadoop.security.SecurityUtil.login(SecurityUtil.java:236)
at org.apache.hadoop.hdfs.qjournal.server.JournalNode.start(JournalNode.java:144)
I could not reproduce it at the second attempt