Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Cannot Reproduce
    • Affects Version/s: 2.2.0
    • Fix Version/s: None
    • Component/s: ha, journal-node, security
    • Labels:

      Description

      When HA is implemented with QJM and using kerberos, it's not possible to set wire-encrypted data.
      If it's set property hadoop.rpc.protection to something different to authentication it doesn't work propertly, getting the error:

      ERROR security.UserGroupInformation: PriviledgedActionException as:principal@REALM (auth:KERBEROS) cause:javax.security.sasl.SaslException: No common protection layer between client and ser

      With NFS as shared storage everything works like a charm

        Attachments

        1. namenode.xml
          67 kB
          Juan Carlos Fernandez
        2. journal.xml
          66 kB
          Juan Carlos Fernandez
        3. ssl-server.xml
          2 kB
          Juan Carlos Fernandez
        4. ssl-client.xml
          2 kB
          Juan Carlos Fernandez
        5. jaas.conf
          0.5 kB
          Juan Carlos Fernandez
        6. hdfs-site.xml
          7 kB
          Juan Carlos Fernandez
        7. core-site.xml
          3 kB
          Juan Carlos Fernandez

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              jucaf Juan Carlos Fernandez
            • Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: