Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
1.4.0
Description
In current implementation of GrpcOmTransport we do not passing information about Kerberos token between client and server. That's lead to broken GetSecret and RevokeSecret commands if we are switching to GrpcOmTransport.
Right now ozone cli forced to use Hadoop3OmTransport so issues do not manifests itself at the moment. But implementation of HDDS-8050 currently blocked by this bug.
To reproduce it one can simply need to change
org.apache.hadoop.ozone.om.protocolPB.Hadoop3OmTransportFactory
to
org.apache.hadoop.ozone.om.protocolPB.GrpcOmTransport
in
hadoop-ozone/tools/src/main/resources/META-INF/services/org.apache.hadoop.ozone.om.protocolPB.OmTransportFactory
. And execute following commands:
ozone s3 getsecret ozone s3 revokesecret
Attachments
Issue Links
- blocks
-
HDDS-8050 Create HTTP endpoint to access S3 secret via Kerberos auth
- Resolved
- links to