Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-13698

Document caveat for KeyShell when underlying KeyProvider does not delete a key

    Details

    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      For cases like:

      $ hadoop key create d
      d has not been created. java.io.IOException: HTTP status [500], exception [DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
      java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
      	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747)
      	at org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506)
      	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
      	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
      	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
      $ hadoop key delete d
      You are about to DELETE all versions of  key d from KeyProvider KMSClientProvider[http://localhost:16000/kms/v1/]. Continue?  (Y or N) Y
      Deleting key: d from KeyProvider: KMSClientProvider[http://localhost:16000/kms/v1/]
      d has not been deleted. java.io.IOException: Key named d was already deleted but is disabled. Use purge to destroy all traces or undelete to reactivate.
      java.io.IOException: Key named d was already deleted but is disabled. Use purge to destroy all traces or undelete to reactivate.
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
      	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
      	at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
      	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:157)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.deleteKey(KMSClientProvider.java:877)
      	at org.apache.hadoop.crypto.key.KeyShell$DeleteCommand.execute(KeyShell.java:436)
      	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
      	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
      	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
      $ hadoop key create d
      d has not been created. java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
      java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
      	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747)
      	at org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506)
      	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
      	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
      	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
      

        Activity

        Hide
        hudson Hudson added a comment -

        SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #10593 (See https://builds.apache.org/job/Hadoop-trunk-Commit/10593/)
        HADOOP-13698. Document caveat for KeyShell when underlying KeyProvider (xiao: rev b84c4891f9eca8d56593e48e9df88be42e24220d)

        • (edit) hadoop-common-project/hadoop-common/src/site/markdown/CommandsManual.md
        Show
        hudson Hudson added a comment - SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #10593 (See https://builds.apache.org/job/Hadoop-trunk-Commit/10593/ ) HADOOP-13698 . Document caveat for KeyShell when underlying KeyProvider (xiao: rev b84c4891f9eca8d56593e48e9df88be42e24220d) (edit) hadoop-common-project/hadoop-common/src/site/markdown/CommandsManual.md
        Hide
        xiaochen Xiao Chen added a comment -

        Committed to trunk, branch-2 and branch-2.8. Thanks Andrew for the review!

        Show
        xiaochen Xiao Chen added a comment - Committed to trunk, branch-2 and branch-2.8. Thanks Andrew for the review!
        Hide
        andrew.wang Andrew Wang added a comment -

        +1 thanks Xiao

        Show
        andrew.wang Andrew Wang added a comment - +1 thanks Xiao
        Hide
        hadoopqa Hadoop QA added a comment -
        +1 overall



        Vote Subsystem Runtime Comment
        0 reexec 0m 12s Docker mode activated.
        +1 @author 0m 0s The patch does not contain any @author tags.
        +1 mvninstall 6m 54s trunk passed
        +1 mvnsite 0m 55s trunk passed
        +1 mvnsite 0m 50s the patch passed
        +1 whitespace 0m 0s The patch has no whitespace issues.
        +1 asflicense 0m 15s The patch does not generate ASF License warnings.
        9m 25s



        Subsystem Report/Notes
        Docker Image:yetus/hadoop:9560f25
        JIRA Issue HADOOP-13698
        JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12832192/HADOOP-13698.01.patch
        Optional Tests asflicense mvnsite
        uname Linux d68ba7716fe5 3.13.0-93-generic #140-Ubuntu SMP Mon Jul 18 21:21:05 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
        Build tool maven
        Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh
        git revision trunk / 3565c9a
        modules C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
        Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/10703/console
        Powered by Apache Yetus 0.4.0-SNAPSHOT http://yetus.apache.org

        This message was automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - +1 overall Vote Subsystem Runtime Comment 0 reexec 0m 12s Docker mode activated. +1 @author 0m 0s The patch does not contain any @author tags. +1 mvninstall 6m 54s trunk passed +1 mvnsite 0m 55s trunk passed +1 mvnsite 0m 50s the patch passed +1 whitespace 0m 0s The patch has no whitespace issues. +1 asflicense 0m 15s The patch does not generate ASF License warnings. 9m 25s Subsystem Report/Notes Docker Image:yetus/hadoop:9560f25 JIRA Issue HADOOP-13698 JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12832192/HADOOP-13698.01.patch Optional Tests asflicense mvnsite uname Linux d68ba7716fe5 3.13.0-93-generic #140-Ubuntu SMP Mon Jul 18 21:21:05 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux Build tool maven Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh git revision trunk / 3565c9a modules C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/10703/console Powered by Apache Yetus 0.4.0-SNAPSHOT http://yetus.apache.org This message was automatically generated.

          People

          • Assignee:
            xiaochen Xiao Chen
            Reporter:
            xiaochen Xiao Chen
          • Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development