Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-14212

Expose SecurityEnabled boolean field in JMX for other services besides NameNode



    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.2.0, 3.1.2
    • Component/s: None
    • Labels:


      The following commit https://github.com/apache/hadoop/commit/dc17bda4b677e30c02c2a9a053895a43e41f7a12 introduced a "SecurityEnabled" field in the JMX output for the NameNode. I believe it would be nice to add this same change to the JMX output of other services: Secondary Namenode, ResourceManager, NodeManagers, DataNodes, etc. So that it can be queried whether Security is enabled in all JMX resources.

      The reason I am suggesting this feature / improvement is that I think it would provide a clean way to check whether your cluster is completely Kerberized or not. I don't think there is an easy/clean way to do this now, other than checking the logs, checking ports etc.?

      The file where the change was made is hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/NameNode.java has the following function now:

      @Override // NameNodeStatusMXBean
      public boolean isSecurityEnabled() {
          return UserGroupInformation.isSecurityEnabled();

      I would be happy to develop a patch if it seems useful by others as well?

      This is a snippet from the JMX output from the NameNode in case security is not enabled:

          "name" : "Hadoop:service=NameNode,name=NameNodeStatus",
          "modelerType" : "org.apache.hadoop.hdfs.server.namenode.NameNode",
          "NNRole" : "NameNode",
          "HostAndPort" : "node001.cm.cluster:8020",
          "SecurityEnabled" : false,
          "LastHATransitionTime" : 0,
          "State" : "standby"


        1. HADOOP-14212.009.patch
          25 kB
          Adam Antal
        2. HADOOP-14212.008.patch
          25 kB
          Adam Antal
        3. HADOOP-14212.007.patch
          21 kB
          Adam Antal
        4. HADOOP-14212.006.patch
          21 kB
          Adam Antal
        5. HADOOP-14212.005.patch
          18 kB
          Steve Loughran
        6. HADOOP-14212.005.patch
          18 kB
          Adam Antal
        7. HADOOP-14212.005.patch
          18 kB
          Adam Antal
        8. HADOOP-14212.004.patch
          18 kB
          Adam Antal
        9. HADOOP-14212.003.patch
          18 kB
          Adam Antal
        10. HADOOP-14212.002.patch
          4 kB
          Adam Antal
        11. HADOOP-14212.001.patch
          2 kB
          Adam Antal



            • Assignee:
              adam.antal Adam Antal
              Ray Burgemeestre Ray Burgemeestre
            • Votes:
              0 Vote for this issue
              10 Start watching this issue


              • Created: