Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-13698

Document caveat for KeyShell when underlying KeyProvider does not delete a key

    XMLWordPrintableJSON

Details

    • Reviewed

    Description

      For cases like:

      $ hadoop key create d
d has not been created. java.io.IOException: HTTP status [500], exception [DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747)
	at org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506)
	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
$ hadoop key delete d
You are about to DELETE all versions of  key d from KeyProvider KMSClientProvider[http://localhost:16000/kms/v1/]. Continue?  (Y or N) Y
Deleting key: d from KeyProvider: KMSClientProvider[http://localhost:16000/kms/v1/]
d has not been deleted. java.io.IOException: Key named d was already deleted but is disabled. Use purge to destroy all traces or undelete to reactivate.
java.io.IOException: Key named d was already deleted but is disabled. Use purge to destroy all traces or undelete to reactivate.
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:157)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.deleteKey(KMSClientProvider.java:877)
	at org.apache.hadoop.crypto.key.KeyShell$DeleteCommand.execute(KeyShell.java:436)
	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
$ hadoop key create d
d has not been created. java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] 
	at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739)
	at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747)
	at org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506)
	at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
	at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
	at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)

      Attachments

        1. HADOOP-13698.01.patch
          1 kB
          Xiao Chen

        Activity

          People

            xiaochen Xiao Chen
            xiaochen Xiao Chen
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: