Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-13698

Document caveat for KeyShell when underlying KeyProvider does not delete a key

    Details

    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      For cases like:

      $ hadoop key create d
      d has not been created. java.io.IOException: HTTP status [500], exception [DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
      java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
      	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747)
      	at org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506)
      	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
      	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
      	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
      $ hadoop key delete d
      You are about to DELETE all versions of  key d from KeyProvider KMSClientProvider[http://localhost:16000/kms/v1/]. Continue?  (Y or N) Y
      Deleting key: d from KeyProvider: KMSClientProvider[http://localhost:16000/kms/v1/]
      d has not been deleted. java.io.IOException: Key named d was already deleted but is disabled. Use purge to destroy all traces or undelete to reactivate.
      java.io.IOException: Key named d was already deleted but is disabled. Use purge to destroy all traces or undelete to reactivate.
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
      	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
      	at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
      	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:157)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.deleteKey(KMSClientProvider.java:877)
      	at org.apache.hadoop.crypto.key.KeyShell$DeleteCommand.execute(KeyShell.java:436)
      	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
      	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
      	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
      $ hadoop key create d
      d has not been created. java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
      java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
      	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739)
      	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747)
      	at org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506)
      	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
      	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
      	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
      

        Attachments

          Activity

            People

            • Assignee:
              xiaochen Xiao Chen
              Reporter:
              xiaochen Xiao Chen
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: