[
https://issues.apache.org/jira/browse/HDFS-16591?focusedWorklogId=782492&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-782492
]
ASF GitHub Bot logged work on HDFS-16591:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 17/Jun/22 17:57
Start Date: 17/Jun/22 17:57
Worklog Time Spent: 10m
Work Description: simbadzina commented on code in PR #4447:
URL: https://github.com/apache/hadoop/pull/4447#discussion_r900396075
##########
hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/JaasConfiguration.java:
##########
@@ -0,0 +1,77 @@
+/**
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. See accompanying LICENSE file.
+ */
+package org.apache.hadoop.security.authentication.util;
+
+import java.util.HashMap;
+import java.util.Map;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+
+
+/**
+ * Creates a programmatic version of a jaas.conf file. This can be used
+ * instead of writing a jaas.conf file and setting the system property,
+ * "java.security.auth.login.config", to point to that file. It is meant to be
+ * used for connecting to ZooKeeper.
+ */
+public class JaasConfiguration extends Configuration {
+
+ private final javax.security.auth.login.Configuration baseConfig =
+ javax.security.auth.login.Configuration.getConfiguration();
+ private static AppConfigurationEntry[] entry;
Review Comment:
Can you add a comment that this array will only every contain one element?
The naming and signature of **_AppConfigurationEntry[]
getAppConfigurationEntry(String name)_** is confusing, but that's used in too
many places to change as part of this RB.
Issue Time Tracking
-------------------
Worklog Id: (was: 782492)
Time Spent: 50m (was: 40m)
> StateStoreZooKeeper fails to initialize
> ---------------------------------------
>
> Key: HDFS-16591
> URL: https://issues.apache.org/jira/browse/HDFS-16591
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: rbf
> Reporter: Hector Sandoval Chaverri
> Priority: Major
> Labels: pull-request-available
> Time Spent: 50m
> Remaining Estimate: 0h
>
> MembershipStore and MountTableStore are failing to initialize, logging the
> following errors on the Router logs:
> {noformat}
> 2022-05-23 16:43:01,156 ERROR
> org.apache.hadoop.hdfs.server.federation.router.RouterHeartbeatService:
> Cannot get version for class
> org.apache.hadoop.hdfs.server.federation.store.MembershipStore
> org.apache.hadoop.hdfs.server.federation.store.StateStoreUnavailableException:
> Cached State Store not initialized, MembershipState records not valid
> at
> org.apache.hadoop.hdfs.server.federation.store.CachedRecordStore.checkCacheAvailable(CachedRecordStore.java:106)
> at
> org.apache.hadoop.hdfs.server.federation.store.CachedRecordStore.getCachedRecords(CachedRecordStore.java:227)
> at
> org.apache.hadoop.hdfs.server.federation.router.RouterHeartbeatService.getStateStoreVersion(RouterHeartbeatService.java:131)
> at
> org.apache.hadoop.hdfs.server.federation.router.RouterHeartbeatService.updateStateStore(RouterHeartbeatService.java:92)
> at
> org.apache.hadoop.hdfs.server.federation.router.RouterHeartbeatService.periodicInvoke(RouterHeartbeatService.java:159)
> at
> org.apache.hadoop.hdfs.server.federation.router.PeriodicService$1.run(PeriodicService.java:178)
> at
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748){noformat}
> After investigating, we noticed that ZKDelegationTokenSecretManager normally
> initializes properties for ZooKeeper clients to connect using SASL/Kerberos.
> If ZKDelegationTokenSecretManager is replaced with a new SecretManager, the
> SASL properties don't get configured and any StateStores that connect to
> ZooKeeper fail with the above error.
> A potential way to fix this is by setting the JaasConfiguration (currently
> done in ZKDelegationTokenSecretManager) as part of the
> StateStoreZooKeeperImpl initialization method.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
