Hadoop Common
  1. Hadoop Common
  2. HADOOP-7091

reloginFromKeytab() should happen even if TGT can't be found

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.22.0
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      HADOOP-6965 introduced a getTGT() method and prevents reloginFromKeytab() from happening when TGT is not found. This results in the RPC layer not being able to refresh TGT after TGT expires. The reason is RPC layer only does relogin when the expired TGT is used and an exception is thrown. However, when that happens, the expired TGT will be removed from Subject. Therefore, getTGT() will return null and relogin will not be performed. We observed, for example, JT will not be able to re-connect to NN after TGT expires.

        Activity

        Hide
        Kan Zhang added a comment -

        Attaching a patch that allows reloginFromKeytab() to happen when getTGT() returns null. Also, making getTGT() a synchronized method.

        Show
        Kan Zhang added a comment - Attaching a patch that allows reloginFromKeytab() to happen when getTGT() returns null. Also, making getTGT() a synchronized method.
        Hide
        Todd Lipcon added a comment -

        +1 pending test results.

        Show
        Todd Lipcon added a comment - +1 pending test results.
        Hide
        Hadoop QA added a comment -

        -1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12467683/c7091-01.patch
        against trunk revision 1056006.

        +1 @author. The patch does not contain any @author tags.

        -1 tests included. The patch doesn't appear to include any new or modified tests.
        Please justify why no new tests are needed for this patch.
        Also please list what manual steps were performed to verify this patch.

        +1 javadoc. The javadoc tool did not generate any warning messages.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed core unit tests.

        +1 contrib tests. The patch passed contrib unit tests.

        +1 system test framework. The patch passed system test framework compile.

        Test results: https://hudson.apache.org/hudson/job/PreCommit-HADOOP-Build/162//testReport/
        Findbugs warnings: https://hudson.apache.org/hudson/job/PreCommit-HADOOP-Build/162//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
        Console output: https://hudson.apache.org/hudson/job/PreCommit-HADOOP-Build/162//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - -1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12467683/c7091-01.patch against trunk revision 1056006. +1 @author. The patch does not contain any @author tags. -1 tests included. The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. +1 system test framework. The patch passed system test framework compile. Test results: https://hudson.apache.org/hudson/job/PreCommit-HADOOP-Build/162//testReport/ Findbugs warnings: https://hudson.apache.org/hudson/job/PreCommit-HADOOP-Build/162//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Console output: https://hudson.apache.org/hudson/job/PreCommit-HADOOP-Build/162//console This message is automatically generated.
        Hide
        Kan Zhang added a comment -

        Todd, thanks for the review. Can't write unit tests for it, but we have verified the patch on clusters at Yahoo.

        Show
        Kan Zhang added a comment - Todd, thanks for the review. Can't write unit tests for it, but we have verified the patch on clusters at Yahoo.
        Hide
        Jakob Homan added a comment -

        I've committed this based on Todd's review. Resolving as fixed.

        Show
        Jakob Homan added a comment - I've committed this based on Todd's review. Resolving as fixed.
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Common-trunk-Commit #468 (See https://hudson.apache.org/hudson/job/Hadoop-Common-trunk-Commit/468/)
        HADOOP-7091. reloginFromKeytab() should happen even if TGT can't be found. Contribued by Kan Zhang.

        Show
        Hudson added a comment - Integrated in Hadoop-Common-trunk-Commit #468 (See https://hudson.apache.org/hudson/job/Hadoop-Common-trunk-Commit/468/ ) HADOOP-7091 . reloginFromKeytab() should happen even if TGT can't be found. Contribued by Kan Zhang.
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Common-trunk #573 (See https://hudson.apache.org/hudson/job/Hadoop-Common-trunk/573/)
        HADOOP-7091. reloginFromKeytab() should happen even if TGT can't be found. Contribued by Kan Zhang.

        Show
        Hudson added a comment - Integrated in Hadoop-Common-trunk #573 (See https://hudson.apache.org/hudson/job/Hadoop-Common-trunk/573/ ) HADOOP-7091 . reloginFromKeytab() should happen even if TGT can't be found. Contribued by Kan Zhang.
        Hide
        Todd Lipcon added a comment -

        Hi Kan, should this have gone in the 0.22 branch as well?

        Show
        Todd Lipcon added a comment - Hi Kan, should this have gone in the 0.22 branch as well?
        Hide
        Kan Zhang added a comment -

        > Hi Kan, should this have gone in the 0.22 branch as well?
        Yes. Can you help me get it committed? Thanks!

        Show
        Kan Zhang added a comment - > Hi Kan, should this have gone in the 0.22 branch as well? Yes. Can you help me get it committed? Thanks!
        Hide
        Todd Lipcon added a comment -

        Committed to 0.22 branch and moved it in CHANGES.txt

        Show
        Todd Lipcon added a comment - Committed to 0.22 branch and moved it in CHANGES.txt
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Common-22-branch #13 (See https://hudson.apache.org/hudson/job/Hadoop-Common-22-branch/13/)

        Show
        Hudson added a comment - Integrated in Hadoop-Common-22-branch #13 (See https://hudson.apache.org/hudson/job/Hadoop-Common-22-branch/13/ )
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Common-trunk #574 (See https://hudson.apache.org/hudson/job/Hadoop-Common-trunk/574/)
        Moving HADOOP-7091 to 0.22 section in CHANGES.txt since it was put in branch

        Show
        Hudson added a comment - Integrated in Hadoop-Common-trunk #574 (See https://hudson.apache.org/hudson/job/Hadoop-Common-trunk/574/ ) Moving HADOOP-7091 to 0.22 section in CHANGES.txt since it was put in branch
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Common-trunk-Commit #479 (See https://hudson.apache.org/hudson/job/Hadoop-Common-trunk-Commit/479/)

        Show
        Hudson added a comment - Integrated in Hadoop-Common-trunk-Commit #479 (See https://hudson.apache.org/hudson/job/Hadoop-Common-trunk-Commit/479/ )

          People

          • Assignee:
            Kan Zhang
            Reporter:
            Kan Zhang
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development