Details
-
Improvement
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
-
None
Description
When DN secure mode configuration is incorrect, it throws the following exception from Datanode#checkSecureConfig
private static void checkSecureConfig(DNConf dnConf, Configuration conf, SecureResources resources) throws RuntimeException { if (!UserGroupInformation.isSecurityEnabled()) { return; } ... throw new RuntimeException("Cannot start secure DataNode without " + "configuring either privileged resources or SASL RPC data transfer " + "protection and SSL for HTTP. Using privileged resources in " + "combination with SASL RPC data transfer protection is not supported.");
The DN should print more useful diagnostics as to what exactly what went wrong.
Also when starting secure DN with resources then the startup scripts should launch the SecureDataNodeStarter class. If no SASL is configured and SecureDataNodeStarter is not used, then we could mention that too.