[
https://issues.apache.org/jira/browse/HADOOP-13698?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15567090#comment-15567090
]
Hudson commented on HADOOP-13698:
---------------------------------
SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #10593 (See
[https://builds.apache.org/job/Hadoop-trunk-Commit/10593/])
HADOOP-13698. Document caveat for KeyShell when underlying KeyProvider (xiao:
rev b84c4891f9eca8d56593e48e9df88be42e24220d)
* (edit) hadoop-common-project/hadoop-common/src/site/markdown/CommandsManual.md
> Document caveat for KeyShell when underlying KeyProvider does not delete a key
> ------------------------------------------------------------------------------
>
> Key: HADOOP-13698
> URL: https://issues.apache.org/jira/browse/HADOOP-13698
> Project: Hadoop Common
> Issue Type: Improvement
> Components: documentation, kms
> Affects Versions: 2.8.0
> Reporter: Xiao Chen
> Assignee: Xiao Chen
> Priority: Minor
> Labels: supportability
> Fix For: 2.8.0, 3.0.0-alpha2
>
> Attachments: HADOOP-13698.01.patch
>
>
> For cases like:
> {noformat}
> $ hadoop key create d
> d has not been created. java.io.IOException: HTTP status [500], exception
> [DuplicateKeyException], message [Key with name "d" already exists in
> "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to
> enable.]
> java.io.IOException: HTTP status [500], exception
> [KeyProvider$DuplicateKeyException], message [Key with name "d" already
> exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use
> undelete to enable.]
> at
> org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747)
> at
> org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506)
> at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
> at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
> at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
> $ hadoop key delete d
> You are about to DELETE all versions of key d from KeyProvider
> KMSClientProvider[http://localhost:16000/kms/v1/]. Continue? (Y or N) Y
> Deleting key: d from KeyProvider:
> KMSClientProvider[http://localhost:16000/kms/v1/]
> d has not been deleted. java.io.IOException: Key named d was already deleted
> but is disabled. Use purge to destroy all traces or undelete to reactivate.
> java.io.IOException: Key named d was already deleted but is disabled. Use
> purge to destroy all traces or undelete to reactivate.
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
> at
> org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:157)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.deleteKey(KMSClientProvider.java:877)
> at
> org.apache.hadoop.crypto.key.KeyShell$DeleteCommand.execute(KeyShell.java:436)
> at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
> at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
> at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
> $ hadoop key create d
> d has not been created. java.io.IOException: HTTP status [500], exception
> [KeyProvider$DuplicateKeyException], message [Key with name "d" already
> exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use
> undelete to enable.]
> java.io.IOException: HTTP status [500], exception
> [KeyProvider$DuplicateKeyException], message [Key with name "d" already
> exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use
> undelete to enable.]
> at
> org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739)
> at
> org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747)
> at
> org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506)
> at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91)
> at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
> at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538)
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
