Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-10675

IntegrationTestIngestWithACL should allow User to be passed as Parameter

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 0.98.1, 0.99.0
    • None
    • None
    • Reviewed
    • Hide
      To use this feature of passing superuser and userlist we need to give the following command
      {code}
      ./hbase --config /usr/lib/hbase/conf/ org.apache.hadoop.hbase.IntegrationTestIngestWithACL -superuser <user> -userlist <user1>,<user2>,<user3>
      {code}
      Ensure that the userlist is comma seperated.
      Show
      To use this feature of passing superuser and userlist we need to give the following command {code} ./hbase --config /usr/lib/hbase/conf/ org.apache.hadoop.hbase.IntegrationTestIngestWithACL -superuser <user> -userlist <user1>,<user2>,<user3> {code} Ensure that the userlist is comma seperated.

    Description

      The IntegrationTestIngestWithACL needs to be modified to allow the user to be passed in as an argument at run time. Currently, the test is using a fixed set of user names which cannot be authenticated via Kerberos, causing the test to fail. Allowing the username to be passed at run time will allow a user that is already authenticated by Kerberos to be used, and resolve the failure.

      2014-02-06 02:58:25,315|beaver.machine|INFO|RUNNING: /usr/bin/kinit -c /hbase.kerberos.ticket -k -t /home/hadoopqa/keytabs/hbase.headless.keytab hbase
2014-02-06 02:58:25,325|beaver.machine|INFO|RUNNING: /usr/lib/hbase/bin/hbase --config /tmp/hbaseConf org.apache.hadoop.hbase.IntegrationTestsDriver -regex IntegrationTestIngestWithACL

2014-02-06 02:58:34,489|beaver.machine|INFO|2014-02-06 02:58:34,489 DEBUG HBaseWriterThreadWithACL_1 token.AuthenticationTokenSelector: No matching token found
2014-02-06 02:58:34,493|beaver.machine|INFO|2014-02-06 02:58:34,489 DEBUG HBaseWriterThreadWithACL_1 security.HBaseSaslRpcClient: Creating SASL GSSAPI client. Server's Kerberos principal name is hbase/h2-ubuntu12-sec-1391405488-hbase-7.cs1cloud.internal@EXAMPLE.COM
2014-02-06 02:58:34,493|beaver.machine|INFO|2014-02-06 02:58:34,491 WARN HBaseWriterThreadWithACL_1 security.UserGroupInformation: PriviledgedActionException as:owner (auth:SIMPLE) cause:javax.security.sasl.SaslException: GSS initiate failed Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)
2014-02-06 02:58:34,493|beaver.machine|INFO|2014-02-06 02:58:34,492 WARN HBaseWriterThreadWithACL_1 ipc.RpcClient: Exception encountered while connecting to the server : javax.security.sasl.SaslException: GSS initiate failed Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)
2014-02-06 02:58:34,498|beaver.machine|INFO|2014-02-06 02:58:34,493 FATAL HBaseWriterThreadWithACL_1 ipc.RpcClient: SASL authentication failed. The most likely cause is missing or invalid credentials. Consider 'kinit'.
2014-02-06 02:58:34,499|beaver.machine|INFO|javax.security.sasl.SaslException: GSS initiate failed Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)
2014-02-06 02:58:34,499|beaver.machine|INFO|at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:194)
2014-02-06 02:58:34,499|beaver.machine|INFO|at org.apache.hadoop.hbase.security.HBaseSaslRpcClient.saslConnect(HBaseSaslRpcClient.java:152)
2014-02-06 02:58:34,500|beaver.machine|INFO|at org.apache.hadoop.hbase.ipc.RpcClient$Connection.setupSaslConnection(RpcClient.java:762)
2014-02-06 02:58:34,500|beaver.machine|INFO|at org.apache.hadoop.hbase.ipc.RpcClient$Connection.access$600(RpcClient.java:354)
2014-02-06 02:58:34,500|beaver.machine|INFO|at org.apache.hadoop.hbase.ipc.RpcClient$Connection$2.run(RpcClient.java:883)
2014-02-06 02:58:34,501|beaver.machine|INFO|at org.apache.hadoop.hbase.ipc.RpcClient$Connection$2.run(RpcClient.java:880)
2014-02-06 02:58:34,501|beaver.machine|INFO|at java.security.AccessController.doPrivileged(Native Method)
2014-02-06 02:58:34,501|beaver.machine|INFO|at javax.security.auth.Subject.doAs(Subject.java:396)
2014-02-06 02:58:34,501|beaver.machine|INFO|at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1548)
2014-02-06 02:58:34,502|beaver.machine|INFO|at org.apache.hadoop.hbase.ipc.RpcClient$Connection.setupIOstreams(RpcClient.java:880)
2014-02-06 02:58:34,502|beaver.machine|INFO|at org.apache.hadoop.hbase.ipc.RpcClient.getConnection(RpcClient.java:1536)
2014-02-06 02:58:34,502|beaver.machine|INFO|at org.apache.hadoop.hbase.ipc.RpcClient.call(RpcClient.java:1425)
2014-02-06 02:58:34,502|beaver.machine|INFO|at org.apache.hadoop.hbase.ipc.RpcClient.callBlockingMethod(RpcClient.java:1654)
2014-02-06 02:58:34,503|beaver.machine|INFO|at org.apache.hadoop.hbase.ipc.RpcClient$BlockingRpcChannelImplementation.callBlockingMethod(RpcClient.java:1712)
2014-02-06 02:58:34,503|beaver.machine|INFO|at org.apache.hadoop.hbase.protobuf.generated.ClientProtos$ClientService$BlockingStub.get(ClientProtos.java:28833)
2014-02-06 02:58:34,503|beaver.machine|INFO|at org.apache.hadoop.hbase.protobuf.ProtobufUtil.getRowOrBefore(ProtobufUtil.java:1466)
2014-02-06 02:58:34,503|beaver.machine|INFO|at org.apache.hadoop.hbase.client.HTable$2.call(HTable.java:701)
2014-02-06 02:58:34,504|beaver.machine|INFO|at org.apache.hadoop.hbase.client.HTable$2.call(HTable.java:699)
2014-02-06 02:58:34,504|beaver.machine|INFO|at org.apache.hadoop.hbase.client.RpcRetryingCaller.callWithRetries(RpcRetryingCaller.java:120)
2014-02-06 02:58:34,504|beaver.machine|INFO|at org.apache.hadoop.hbase.client.HTable.getRowOrBefore(HTable.java:705)
2014-02-06 02:58:34,504|beaver.machine|INFO|at org.apache.hadoop.hbase.client.MetaScanner.metaScan(MetaScanner.java:144)

      Thanks to Huned who discovered this issue.

      Attachments

        1. 10675-0.98.addendum
          0.7 kB
          Ted Yu
        2. HBASE-10675_1.patch
          10 kB
          ramkrishna.s.vasudevan
        3. HBASE-10675_2.patch
          12 kB
          ramkrishna.s.vasudevan
        4. HBASE-10675_3.patch
          12 kB
          ramkrishna.s.vasudevan

        Activity

          People

            ram_krish ramkrishna.s.vasudevan
            yuzhihong@gmail.com Ted Yu
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: