HDDS-684. Fix HDDS-4 branch after HDDS-490 and HADOOP-15832. Contributed by Xiaoyu Yao.
This commit is contained in:
parent
e89c35a50b
commit
61e85d7cd1
@ -119,6 +119,6 @@ run cp "${ROOT}/hadoop-ozone/objectstore-service/target/hadoop-ozone-objectstore
|
|||||||
cp -r "${ROOT}/hadoop-hdds/docs/target/classes/docs" ./
|
cp -r "${ROOT}/hadoop-hdds/docs/target/classes/docs" ./
|
||||||
|
|
||||||
#Copy docker compose files
|
#Copy docker compose files
|
||||||
run cp -p -r "${ROOT}/hadoop-ozone/dist/src/main/compose" .
|
run cp -p -R "${ROOT}/hadoop-ozone/dist/src/main/compose" .
|
||||||
run cp -p -r "${ROOT}/hadoop-ozone/dist/src/main/smoketest" .
|
run cp -p -r "${ROOT}/hadoop-ozone/dist/src/main/smoketest" .
|
||||||
run cp -p -r "${ROOT}/hadoop-ozone/dist/src/main/blockade" .
|
run cp -p -r "${ROOT}/hadoop-ozone/dist/src/main/blockade" .
|
||||||
|
@ -37,6 +37,7 @@ HDFS-SITE.XML_dfs.datanode.kerberos.principal=dn/_HOST@EXAMPLE.COM
|
|||||||
HDFS-SITE.XML_dfs.datanode.keytab.file=/etc/security/keytabs/dn.keytab
|
HDFS-SITE.XML_dfs.datanode.keytab.file=/etc/security/keytabs/dn.keytab
|
||||||
HDFS-SITE.XML_dfs.web.authentication.kerberos.principal=HTTP/_HOST@EXAMPLE.COM
|
HDFS-SITE.XML_dfs.web.authentication.kerberos.principal=HTTP/_HOST@EXAMPLE.COM
|
||||||
HDFS-SITE.XML_dfs.web.authentication.kerberos.keytab=/etc/security/keytabs/HTTP.keytab
|
HDFS-SITE.XML_dfs.web.authentication.kerberos.keytab=/etc/security/keytabs/HTTP.keytab
|
||||||
|
OZONE-SITE.XML_hdds.datanode.dir=/data/hdds
|
||||||
HDFS-SITE.XML_dfs.datanode.address=0.0.0.0:1019
|
HDFS-SITE.XML_dfs.datanode.address=0.0.0.0:1019
|
||||||
HDFS-SITE.XML_dfs.datanode.http.address=0.0.0.0:1012
|
HDFS-SITE.XML_dfs.datanode.http.address=0.0.0.0:1012
|
||||||
CORE-SITE.XML_dfs.data.transfer.protection=authentication
|
CORE-SITE.XML_dfs.data.transfer.protection=authentication
|
||||||
|
@ -82,7 +82,7 @@ fi
|
|||||||
|
|
||||||
if [ -n "$ENSURE_SCM_INITIALIZED" ]; then
|
if [ -n "$ENSURE_SCM_INITIALIZED" ]; then
|
||||||
if [ ! -f "$ENSURE_SCM_INITIALIZED" ]; then
|
if [ ! -f "$ENSURE_SCM_INITIALIZED" ]; then
|
||||||
/opt/hadoop/bin/ozone scm -init
|
/opt/hadoop/bin/ozone scm --init
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -92,7 +92,7 @@ if [ -n "$ENSURE_OM_INITIALIZED" ]; then
|
|||||||
# Could be removed after HDFS-13203
|
# Could be removed after HDFS-13203
|
||||||
echo "Waiting 15 seconds for SCM startup"
|
echo "Waiting 15 seconds for SCM startup"
|
||||||
sleep 15
|
sleep 15
|
||||||
/opt/hadoop/bin/ozone om -createObjectStore
|
/opt/hadoop/bin/ozone om --init
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -314,17 +314,17 @@ private File getMetricsStorageFile() {
|
|||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Login KSM service user if security and Kerberos are enabled.
|
* Login OM service user if security and Kerberos are enabled.
|
||||||
*
|
*
|
||||||
* @param conf
|
* @param conf
|
||||||
* @throws IOException, AuthenticationException
|
* @throws IOException, AuthenticationException
|
||||||
*/
|
*/
|
||||||
private static void loginKSMUser(OzoneConfiguration conf)
|
private static void loginOMUser(OzoneConfiguration conf)
|
||||||
throws IOException, AuthenticationException {
|
throws IOException, AuthenticationException {
|
||||||
|
|
||||||
if (SecurityUtil.getAuthenticationMethod(conf).equals
|
if (SecurityUtil.getAuthenticationMethod(conf).equals
|
||||||
(AuthenticationMethod.KERBEROS)) {
|
(AuthenticationMethod.KERBEROS)) {
|
||||||
LOG.debug("Ozone security is enabled. Attempting login for KSM user. "
|
LOG.debug("Ozone security is enabled. Attempting login for OM user. "
|
||||||
+ "Principal: {},keytab: {}", conf.get(
|
+ "Principal: {},keytab: {}", conf.get(
|
||||||
OZONE_OM_KERBEROS_PRINCIPAL_KEY),
|
OZONE_OM_KERBEROS_PRINCIPAL_KEY),
|
||||||
conf.get(OZONE_OM_KERBEROS_KEYTAB_FILE_KEY));
|
conf.get(OZONE_OM_KERBEROS_KEYTAB_FILE_KEY));
|
||||||
@ -336,10 +336,10 @@ private static void loginKSMUser(OzoneConfiguration conf)
|
|||||||
OZONE_OM_KERBEROS_PRINCIPAL_KEY, socAddr.getHostName());
|
OZONE_OM_KERBEROS_PRINCIPAL_KEY, socAddr.getHostName());
|
||||||
} else {
|
} else {
|
||||||
throw new AuthenticationException(SecurityUtil.getAuthenticationMethod
|
throw new AuthenticationException(SecurityUtil.getAuthenticationMethod
|
||||||
(conf) + " authentication method not supported. KSM user login "
|
(conf) + " authentication method not supported. OM user login "
|
||||||
+ "failed.");
|
+ "failed.");
|
||||||
}
|
}
|
||||||
LOG.info("KSM login successful.");
|
LOG.info("Ozone Manager login successful.");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -495,7 +495,7 @@ private static OzoneManager createOm(String[] argv,
|
|||||||
}
|
}
|
||||||
// Authenticate KSM if security is enabled
|
// Authenticate KSM if security is enabled
|
||||||
if (conf.getBoolean(OzoneConfigKeys.OZONE_SECURITY_ENABLED_KEY, true)) {
|
if (conf.getBoolean(OzoneConfigKeys.OZONE_SECURITY_ENABLED_KEY, true)) {
|
||||||
loginKSMUser(conf);
|
loginOMUser(conf);
|
||||||
}
|
}
|
||||||
switch (startOpt) {
|
switch (startOpt) {
|
||||||
case INIT:
|
case INIT:
|
||||||
|
Loading…
Reference in New Issue
Block a user