Stephen Chu created HDFS-3813:
---------------------------------
Summary: Secure NameNode startup has bad error message (Principal
not defined in configuration) if WebHDFS is enabled but its principal is not
configured
Key: HDFS-3813
URL: https://issues.apache.org/jira/browse/HDFS-3813
Project: Hadoop HDFS
Issue Type: Improvement
Components: security, webhdfs
Affects Versions: 2.0.0-alpha
Reporter: Stephen Chu
I configured a secure HDFS cluster, but failed to start the NameNode because I
had enabled WebHDFS without specifying its principal in hdfs-site.xml.
In the NN logs, I see:
{noformat}
2012-05-28 17:50:13,021 INFO
org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler:
Login using keytab /etc/hdfs.keytab, for principal
HTTP/c1225.hal.cloudera....@hal.cloudera.com
2012-05-28 17:50:13,030 INFO
org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler:
Initialized, principal [HTTP/c1225.hal.cloudera....@hal.cloudera.com] from
keytab [/etc/hdfs.keytab]
2012-05-28 17:50:13,031 WARN
org.apache.hadoop.security.authentication.server.AuthenticationFilter:
'signature.secret' configuration not set, using a random value as secret
2012-05-28 17:50:13,032 WARN org.mortbay.log: failed SPNEGO:
javax.servlet.ServletException: javax.servlet.ServletException: Principal not
defined in configuration
2012-05-28 17:50:13,033 WARN org.mortbay.log: Failed startup of context
org.mortbay.jetty.webapp.WebAppContext@21453d72{/,file:/usr/lib/hadoop-hdfs/webapps/hdfs}
javax.servlet.ServletException: javax.servlet.ServletException: Principal not
defined in configuration
at
org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.init(KerberosAuthenticationHandler.java:185)
at
org.apache.hadoop.security.authentication.server.AuthenticationFilter.init(AuthenticationFilter.java:146)
at org.mortbay.jetty.servlet.FilterHolder.doStart(FilterHolder.java:97)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at
org.mortbay.jetty.servlet.ServletHandler.initialize(ServletHandler.java:713)
at org.mortbay.jetty.servlet.Context.startContext(Context.java:140)
at
org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1282)
at
org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:518)
at
org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:499)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at
org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152)
at
org.mortbay.jetty.handler.ContextHandlerCollection.doStart(ContextHandlerCollection.java:156)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at
org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
at org.mortbay.jetty.Server.doStart(Server.java:224)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.apache.hadoop.http.HttpServer.start(HttpServer.java:617)
at
org.apache.hadoop.hdfs.server.namenode.NameNodeHttpServer.start(NameNodeHttpServer.java:173)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.startHttpServer(NameNode.java:529)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.startCommonServices(NameNode.java:471)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.initialize(NameNode.java:434)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.<init>(NameNode.java:590)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.<init>(NameNode.java:571)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.createNameNode(NameNode.java:1134)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.main(NameNode.java:1193)
Caused by: javax.servlet.ServletException: Principal not defined in
configuration
at
org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.init(KerberosAuthenticationHandler.java:146)
... 24 more
2012-05-28 17:50:13,034 WARN org.mortbay.log: Nested in
javax.servlet.ServletException: javax.servlet.ServletException: Principal not
defined in configuration:
javax.servlet.ServletException: Principal not defined in configuration
at
org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.init(KerberosAuthenticationHandler.java:146)
at
org.apache.hadoop.security.authentication.server.AuthenticationFilter.init(AuthenticationFilter.java:146)
at org.mortbay.jetty.servlet.FilterHolder.doStart(FilterHolder.java:97)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at
org.mortbay.jetty.servlet.ServletHandler.initialize(ServletHandler.java:713)
at org.mortbay.jetty.servlet.Context.startContext(Context.java:140)
at
org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1282)
at
org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:518)
at
org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:499)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at
org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152)
at
org.mortbay.jetty.handler.ContextHandlerCollection.doStart(ContextHandlerCollection.java:156)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at
org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
at org.mortbay.jetty.Server.doStart(Server.java:224)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.apache.hadoop.http.HttpServer.start(HttpServer.java:617)
at
org.apache.hadoop.hdfs.server.namenode.NameNodeHttpServer.start(NameNodeHttpServer.java:173)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.startHttpServer(NameNode.java:529)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.startCommonServices(NameNode.java:471)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.initialize(NameNode.java:434)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.<init>(NameNode.java:590)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.<init>(NameNode.java:571)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.createNameNode(NameNode.java:1134)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.main(NameNode.java:1193)
2012-05-28 17:50:13,041 INFO org.mortbay.log: Started
selectchannelconnec...@c1225.hal.cloudera.com:50070
2012-05-28 17:50:13,041 INFO org.apache.hadoop.hdfs.server.namenode.NameNode:
Web-server up at: c1225.hal.cloudera.com:50070
2012-05-28 17:50:13,042 INFO org.apache.hadoop.ipc.Server: IPC Server
Responder: starting
2012-05-28 17:50:13,042 INFO org.apache.hadoop.ipc.Server: IPC Server listener
on 17020: starting
2012-05-28 17:50:13,045 INFO org.apache.hadoop.hdfs.server.namenode.NameNode:
NameNode up at: c1225.hal.cloudera.com/172.29.98.216:17020
2012-05-28 17:50:13,045 INFO
org.apache.hadoop.hdfs.server.namenode.FSNamesystem: Starting services required
for standby state
2012-05-28 17:50:13,048 INFO
org.apache.hadoop.hdfs.server.namenode.ha.EditLogTailer: Will roll logs on
active node at c1226.hal.cloudera.com/172.29.98.217:17020 every 120 seconds.
2012-05-28 17:50:13,058 INFO
org.apache.hadoop.hdfs.server.namenode.ha.StandbyCheckpointer: Starting standby
checkpoint thread...
Checkpointing active NN at c1226.hal.cloudera.com:50070
Serving checkpoints at c1225.hal.cloudera.com/172.29.98.216:50070
{noformat}
The error message should be more specific as to which principal hasn't been
configured.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
