When Kerberos is enabled and Hadoop is upgraded from 2.7.2 to 3.3.4, when Acitve Namenode version is 3.3.4 and Datanode version is 2.7.2, The BlockToken authentication between Namenode and Datanode fails. As a result, the client cannot read and write.
The datanode error: org.apache.hadoop.security.token.SecretManager$InvalidToken: Block token with block_token_identifier (expiryDate=1664452892587, keyId=2032735264, userId=work, blockPoolId=BP-874546658-10.48.20.234-1660635316009, blockId=1152681184, access modes=[READ]) doesn't have the correct token password at org.apache.hadoop.hdfs.security.token.block.BlockTokenSecretManager.checkAccess(BlockTokenSecretManager.java:303) at org.apache.hadoop.hdfs.security.token.block.BlockPoolTokenSecretManager.checkAccess(BlockPoolTokenSecretManager.java:97) at org.apache.hadoop.hdfs.server.datanode.DataXceiver.checkAccess(DataXceiver.java:1296) at org.apache.hadoop.hdfs.server.datanode.DataXceiver.readBlock(DataXceiver.java:521) at org.apache.hadoop.hdfs.protocol.datatransfer.Receiver.opReadBlock(Receiver.java:116) at org.apache.hadoop.hdfs.protocol.datatransfer.Receiver.processOp(Receiver.java:71) at org.apache.hadoop.hdfs.server.datanode.DataXceiver.run(DataXceiver.java:253) at java.lang.Thread.run(Thread.java:745) This phenomenon like https://issues.apache.org/jira/browse/HDFS-14509, but can't merge the issues on the version 2.7.2 patch, so now can't in the case of open kerberos, Perform a rolling upgrade of Hadoop (2.7.2 upgrading 3.3.4) I think it's a problem. What do you think