Uploaded image for project: 'Apache Ozone'
  1. Apache Ozone
  2. HDDS-4602

Ozone shell failed with Kerberos enabled

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Won't Fix
    • 1.0.0
    • None
    • Ozone CLI
    • Current branch and kerberos environment, ozone shell will fail.

    Description

      When running a ozone cluster with kerberos, the ozone shell failed. We have the following error logs: (CMD: bin/ozone sh volume create vol0)

      // code placeholder
2020-12-16 12:24:41,745 [main] ERROR OzoneClientFactory:249 - Couldn't create RpcClient protocol exception: 
org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.AccessControlException): org.apache.hadoop.security.AccessControlException: SIMPLE authentication is not enabled.  Available:[TOKEN, KERBEROS]
	at org.apache.hadoop.ipc.Client.getRpcResponse(Client.java:1545)
	at org.apache.hadoop.ipc.Client.call(Client.java:1491)
	at org.apache.hadoop.ipc.Client.call(Client.java:1388)
	at org.apache.hadoop.ipc.ProtobufRpcEngine$Invoker.invoke(ProtobufRpcEngine.java:233)
	at org.apache.hadoop.ipc.ProtobufRpcEngine$Invoker.invoke(ProtobufRpcEngine.java:118)
	at com.sun.proxy.$Proxy16.submitRequest(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.apache.hadoop.io.retry.RetryInvocationHandler.invokeMethod(RetryInvocationHandler.java:422)
	at org.apache.hadoop.io.retry.RetryInvocationHandler$Call.invokeMethod(RetryInvocationHandler.java:165)
	at org.apache.hadoop.io.retry.RetryInvocationHandler$Call.invoke(RetryInvocationHandler.java:157)
	at org.apache.hadoop.io.retry.RetryInvocationHandler$Call.invokeOnce(RetryInvocationHandler.java:95)
	at org.apache.hadoop.io.retry.RetryInvocationHandler.invoke(RetryInvocationHandler.java:359)
	at com.sun.proxy.$Proxy16.submitRequest(Unknown Source)
	at org.apache.hadoop.ozone.om.protocolPB.Hadoop3OmTransport.submitRequest(Hadoop3OmTransport.java:80)
	at org.apache.hadoop.ozone.om.protocolPB.OzoneManagerProtocolClientSideTranslatorPB.submitRequest(OzoneManagerProtocolClientSideTranslatorPB.java:218)
	at org.apache.hadoop.ozone.om.protocolPB.OzoneManagerProtocolClientSideTranslatorPB.getServiceInfo(OzoneManagerProtocolClientSideTranslatorPB.java:1066)
	at org.apache.hadoop.ozone.client.rpc.RpcClient.<init>(RpcClient.java:241)
	at org.apache.hadoop.ozone.client.OzoneClientFactory.getClientProtocol(OzoneClientFactory.java:246)
	at org.apache.hadoop.ozone.client.OzoneClientFactory.getClientProtocol(OzoneClientFactory.java:229)
	at org.apache.hadoop.ozone.client.OzoneClientFactory.getRpcClient(OzoneClientFactory.java:149)
	at org.apache.hadoop.ozone.shell.OzoneAddress.createRpcClient(OzoneAddress.java:95)
	at org.apache.hadoop.ozone.shell.OzoneAddress.createClient(OzoneAddress.java:164)
	at org.apache.hadoop.ozone.shell.Handler.createClient(Handler.java:104)
	at org.apache.hadoop.ozone.shell.Handler.call(Handler.java:92)
	at org.apache.hadoop.ozone.shell.Handler.call(Handler.java:42)
	at picocli.CommandLine.executeUserObject(CommandLine.java:1933)
	at picocli.CommandLine.access$1100(CommandLine.java:145)
	at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2332)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2326)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2291)
	at picocli.CommandLine$AbstractParseResultHandler.handleParseResult(CommandLine.java:2152)
	at picocli.CommandLine.parseWithHandlers(CommandLine.java:2530)
	at picocli.CommandLine.parseWithHandler(CommandLine.java:2465)
	at org.apache.hadoop.hdds.cli.GenericCli.execute(GenericCli.java:96)
	at org.apache.hadoop.ozone.shell.OzoneShell.lambda$execute$0(OzoneShell.java:55)
	at org.apache.hadoop.hdds.tracing.TracingUtil.executeInNewSpan(TracingUtil.java:159)
	at org.apache.hadoop.ozone.shell.OzoneShell.execute(OzoneShell.java:53)
	at org.apache.hadoop.hdds.cli.GenericCli.run(GenericCli.java:87)
	at org.apache.hadoop.ozone.shell.OzoneShell.main(OzoneShell.java:47)

      The error shows that reading or setting secure configure  failed.

      I guess we call  UserGroupInformation#getCurrentUser before UserGroupInformation#setConfiguration.

      I will try to fix this.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #1713

          Activity

            People

              it boys Shiyou xin
              it boys Shiyou xin
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: