[
https://issues.apache.org/jira/browse/HDFS-12532?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16219017#comment-16219017
]
Daryn Sharp commented on HDFS-12532:
------------------------------------
I see. You want to sacrifice security for convenience: using a single
principal and keytab for all nodes instead of unique principals for the nodes.
If yes, I hope your customer specifically requested this insecure setup, or has
been informed this misuse of kerberos will seriously degrade security.
While I do not condone this setup, you should be able to append the junk
service host "hadoop" to the line in /etc/hosts corresponding to the interface
you want to use. Or make the DN listen on 0.0.0.0.
> DN Reg can Fail when principal doesn't contain hostname and floatingIP is
> configured.
> -------------------------------------------------------------------------------------
>
> Key: HDFS-12532
> URL: https://issues.apache.org/jira/browse/HDFS-12532
> Project: Hadoop HDFS
> Issue Type: Bug
> Reporter: Brahma Reddy Battula
> Assignee: Brahma Reddy Battula
> Attachments: HDFS-12532.patch
>
>
> Configure principal without hostname (i.e hdfs/[email protected])
> Configure floatingIP
> Start Cluster.
> Here DN will fail to register as it can take IP which is not in "/etc/hosts".
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
