Hello,
we are currently trying to configure a secure Hadoop install (version
0.22) to work with a Checkpoint node, and the problem is that we can't
seem to find any property that allows you to set the Kerberos
principal/keytab for it. Is it even possible, or is it simply not yet
implemented?
Out current checkpoint node config from hdfs-site.xml:
<!-- Checkpoint node config-->
<property>
<name>dfs.backup.address</name>
<value>bn.evizone.icsadl.agh.edu.pl</value>
</property>
<property>
<name>dfs.backup.http.port</name>
<value>50575</value>
</property>
<property>
<name>dfs.backup.keytab.file</name>
<value>/var/hadoop/hdfs/bn.keytab</value>
</property>
<property>
<name>dfs.backup.kerberos.principal</name>
<value>hdfs/_HOST@EVIZONE</value>
</property>
<property>
<name>dfs.backup.kerberos.https.principal</name>
<value>hdfs/_HOST@EVIZONE</value>
</property>
This doesn't provide the necessary credentials to the node, and results
in an exception being thrown:
11/08/02 12:19:52 WARN ipc.Client: Exception encountered while
connecting to the server : javax.security.sasl.SaslException: GSS
initiate failed [Caused by GSSException: No valid credentials provided
(Mechanism level: Failed to find any Kerberos tgt)]
11/08/02 12:19:52 ERROR namenode.NameNode: java.io.IOException: Call to
nn.evizone.icsadl.agh.edu.pl/149.156.205.147:8020 failed on local
exception: java.io.IOException: javax.security.sasl.SaslException: GSS
initiate failed [Caused by GSSException: No valid credentials provided
(Mechanism level: Failed to find any Kerberos tgt)]
Cheers, and thank you very much for any help you can provide!
Greg
