[jira] [Commented] (HDFS-6666) Abort NameNode and DataNode startup if security is enabled but block access token is not enabled.

Wed, 08 Apr 2015 15:14:29 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-6666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14486180#comment-14486180
 ] 

Chris Nauroth commented on HDFS-6666:
-------------------------------------

Thank you for the patch, [~vijaysbhat].

It's not necessary to call {{LOG.error}} before throwing the exceptions.  The 
exceptions will propagate out and get logged at a higher layer before the 
process terminates.  The log statements here would cause the error to get 
logged twice.

On the NameNode side, I recommend changing the existing code in 
{{BlockManager#createBlockTokenSecretManager}} instead of adding new code to 
the {{NameNode}} class.  The existing code currently logs an error.  We'd just 
need to change it to throw an exception.

In the test, I recommend using JUnit's {{ExpectedException}} with the expected 
message set to something like "Security is enabled but block access tokens".  
For an example of this, see 
{{TestSaslDataTransfer#testDataNodeAbortsIfNoSasl}}.  This will help us 
guarantee that the exception is thrown from the right place and for the right 
reason.

> Abort NameNode and DataNode startup if security is enabled but block access 
> token is not enabled.
> -------------------------------------------------------------------------------------------------
>
>                 Key: HDFS-6666
>                 URL: https://issues.apache.org/jira/browse/HDFS-6666
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: datanode, namenode, security
>    Affects Versions: 3.0.0, 2.5.0
>            Reporter: Chris Nauroth
>            Assignee: Vijay Bhat
>            Priority: Minor
>         Attachments: HDFS-6666.001.patch
>
>
> Currently, if security is enabled by setting hadoop.security.authentication 
> to kerberos, but HDFS block access tokens are disabled by setting 
> dfs.block.access.token.enable to false (which is the default), then the 
> NameNode logs an error and proceeds, and the DataNode proceeds without even 
> logging an error.  This jira proposes that this it's invalid to turn on 
> security but not turn on block access tokens, and that it would be better to 
> fail fast and abort the daemons during startup if this happens.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to