Details
-
Bug
-
Status: Open
-
Critical
-
Resolution: Unresolved
-
0.23.0, 2.0.0-alpha, 3.0.0-alpha1
-
None
-
None
Description
UserGroupInformation only allows kerberos users to be logged in via the ticket cache when running hadoop commands. UGI allows a keytab to be used, but it's only exposed programatically. This forces keytab-based users running hadoop commands to periodically issue a kinit from the keytab. A race condition exists during the kinit when the ticket cache is deleted and re-created. Hadoop commands will fail when the ticket cache does not momentarily exist.