[
https://issues.apache.org/jira/browse/YARN-1640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13941277#comment-13941277
]
Xuan Gong commented on YARN-1640:
---------------------------------
The reason why it fails is because when we start rm in manual failover. We
still start adminservice using configured RM principal. When we call
transitionToActive using different principal, the saslclient compares the
principal from the adminserver and the its configured principal. At this time,
the authentication will pass. Since we are using different principal to call
transitiinToActive, it will actually create the rpc and start all active
services with second principal. So, when NM tries to connect rm, the
authentication will fail.
> Manual Failover does not work in secure clusters
> ------------------------------------------------
>
> Key: YARN-1640
> URL: https://issues.apache.org/jira/browse/YARN-1640
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Xuan Gong
> Assignee: Xuan Gong
> Priority: Blocker
> Attachments: YARN-1640.1.patch
>
>
> NodeManager gets rejected after manually making one RM as active.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
