Home Forums HDP on Linux – Installation HDP 1.3 – secure datanode/unsecure cluster

This topic contains 4 replies, has 3 voices, and was last updated by  Ron DeLara 11 months, 1 week ago.

  • Creator
    Topic
  • #27601

    Chris Bennight
    Participant

    I’m attempting a HDP 1.3 install on a small centOS 6.4 cluster. I’ve taking the manual repo path and am stuck starting up datanodes. My namenode is up, but when I attempt to start a datanode it fails, and in the log directory there’s a jsvc.err file with the following text:


    Initializing secure datanode resources
    java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at org.apache.commons.daemon.support.DaemonLoader.load(DaemonLoader.java:156)
    Caused by: java.lang.RuntimeException: Cannot start secure datanode in unsecure cluster
    at org.apache.hadoop.hdfs.server.datanode.SecureDataNodeStarter.init(SecureDataNodeStarter.java:64)
    ... 5 more
    16/06/2013 12:17:04 18886 jsvc.exec error: Cannot load daemon
    16/06/2013 12:17:04 18849 jsvc.exec error: Service exit with a return value of 3

    I can see from the code:

    https://github.com/boersmamarcel/HadoopSingleNode/blob/master/hadoop/cloudera/patches/0727-CLOUDERA-BUILD.-No-need-to-restrict-jsvc-usage-to-se.patch

    that it appears to be doing kerebos authentication – which I don’t have a server setup for – but as far as I can tell this should be disabled.

    in core-site.xml I have

    hadoop.security.authentication
    simple

    Set the authentication for the cluster. Valid values are: simple or kerberos.

    Which appears to be what sets the HADOOP_SECURITY_AUTHENTICATION value. So I’m not sure why it’s still trying to start in secure mode.

Viewing 4 replies - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

  • Author
    Replies
  • #33260

    Ron DeLara
    Participant

    In the file hadoop-env.sh, comment out the following line
    #export HADOOP_SECURE_DN_USER=hdfs

    Collapse
    #27730

    tedr
    Moderator

    Hi Chris,

    Can you try setting the property hadoop.security.authorization to false in core-site.xml and see if that helps.

    Thanks,
    Ted.

    Collapse
    #27671

    Chris Bennight
    Participant

    Yep – same on all nodes (just confirmed)

    Collapse
    #27622

    tedr
    Moderator

    Hi Chris,

    Is this setting in core-site.xml on all nodes in your cluster?

    Thanks,
    Ted.

    Collapse
Viewing 4 replies - 1 through 4 (of 4 total)