[ https://issues.apache.org/jira/browse/HDFS-4448?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14508674#comment-14508674 ]
Arun Suresh commented on HDFS-4448: ----------------------------------- No tests were included since as [~atm] had mentioned, Tested this manually on a 4 node secure-cluster and ensured both NNs came up and DNs were able to talk to them. > HA NN does not start with wildcard address configured for other NN when > security is enabled > ------------------------------------------------------------------------------------------- > > Key: HDFS-4448 > URL: https://issues.apache.org/jira/browse/HDFS-4448 > Project: Hadoop HDFS > Issue Type: Bug > Components: ha, namenode, security > Affects Versions: 2.0.3-alpha > Reporter: Aaron T. Myers > Assignee: Aaron T. Myers > Fix For: 2.8.0 > > Attachments: HDFS-4448.2.patch, HDFS-4448.patch, HDFS-4448.patch > > > Currently if one tries to configure HA NNs use the wildcard HTTP address when > security is enabled, the NN will fail to start with an error like the > following: > {code} > java.lang.IllegalArgumentException: java.io.IOException: Cannot use a > wildcard address with security. Must explicitly set bind address for Kerberos > {code} > This is the case even if one configures an actual address for the other NN's > HTTP address. There's no good reason for this, since we now check for the > local address being set to 0.0.0.0 and determine the canonical hostname for > Kerberos purposes using > {{InetAddress.getLocalHost().getCanonicalHostName()}}, so we should remove > the restriction. -- This message was sent by Atlassian JIRA (v6.3.4#6332)