Hi All,
I would like to setup https so a user is required to authenticate to browse the
filesystem and look at dfshealth. Right now, we are just starting to get
familiar with hadoop hdfs and MR on a pseudo distributed environment.
My understanding is that I have to change the hdfs-site.xml properties to:
dfs.https.enable=true
dfs.client.https.need-auth=true
I left the default ones for the two https addresses.
I also created the two ssl-client.xml and ssl-server.xml files with the
truststore and keystore locations, password and type.
When I try to start the namenode it fails with the following error in the log:
2012-05-24 16:10:54,943 ERROR org.apache.hadoop.hdfs.server.namenode.NameNode:
java.lang.IllegalArgumentException: Does not contain a valid host:port
authority: 0.0.0.0:0.0.0.0:0
at org.apache.hadoop.net.NetUtils.createSocketAddr(NetUtils.java:162)
at org.apache.hadoop.net.NetUtils.createSocketAddr(NetUtils.java:128)
at
org.apache.hadoop.hdfs.server.namenode.NameNode$1.run(NameNode.java:406)
at
org.apache.hadoop.hdfs.server.namenode.NameNode$1.run(NameNode.java:353)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:396)
at
org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1093)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.startHttpServer(NameNode.java:353)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.initialize(NameNode.java:305)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.<init>(NameNode.java:496)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.createNameNode(NameNode.java:1279)
at
org.apache.hadoop.hdfs.server.namenode.NameNode.main(NameNode.java:1288)
If I reverse back dfs.https.enable to false, everything works fine.
So I just would like to know if I am doing to right thing, and if anyone has
faced the same issue... or done it successfully.
Thanks,
Marc
________________________________
This electronic message is intended to be for the use only of the named
recipient, and may contain information that is confidential or privileged. If
you are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution or use of the contents of this message is
strictly prohibited. If you have received this message in error or are not the
named recipient, please notify us immediately by contacting the sender at the
electronic mail address noted above, and delete and destroy all copies of this
message. Thank you.
--------------------
This electronic message is intended to be for the use only of the named
recipient, and may contain information that is confidential or privileged. If
you are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution or use of the contents of this message is
strictly prohibited. If you have received this message in error or are not the
named recipient, please notify us immediately by contacting the sender at the
electronic mail address noted above, and delete and destroy all copies of this
message. Thank you.
--------------------
This electronic message is intended to be for the use only of the named
recipient, and may contain information that is confidential or privileged. If
you are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution or use of the contents of this message is
strictly prohibited. If you have received this message in error or are not the
named recipient, please notify us immediately by contacting the sender at the
electronic mail address noted above, and delete and destroy all copies of this
message. Thank you.
