Xiao Chen created HADOOP-13698: ---------------------------------- Summary: Document caveat for KeyShell when underlying KeyProvider does not delete a key Key: HADOOP-13698 URL: https://issues.apache.org/jira/browse/HADOOP-13698 Project: Hadoop Common Issue Type: Improvement Components: documentation, kms Affects Versions: 2.8.0 Reporter: Xiao Chen Assignee: Xiao Chen Priority: Minor
For cases like: {noformat} $ hadoop key create d d has not been created. java.io.IOException: HTTP status [500], exception [DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747) at org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506) at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91) at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70) at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538) $ hadoop key delete d You are about to DELETE all versions of key d from KeyProvider KMSClientProvider[http://localhost:16000/kms/v1/]. Continue? (Y or N) Y Deleting key: d from KeyProvider: KMSClientProvider[http://localhost:16000/kms/v1/] d has not been deleted. java.io.IOException: Key named d was already deleted but is disabled. Use purge to destroy all traces or undelete to reactivate. java.io.IOException: Key named d was already deleted but is disabled. Use purge to destroy all traces or undelete to reactivate. at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:526) at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:157) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.deleteKey(KMSClientProvider.java:877) at org.apache.hadoop.crypto.key.KeyShell$DeleteCommand.execute(KeyShell.java:436) at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91) at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70) at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538) $ hadoop key create d d has not been created. java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] java.io.IOException: HTTP status [500], exception [KeyProvider$DuplicateKeyException], message [Key with name "d" already exists in "KeyProvider@5e552a98. Key exists but has been disabled. Use undelete to enable.] at org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:159) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:615) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.call(KMSClientProvider.java:573) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:739) at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKey(KMSClientProvider.java:747) at org.apache.hadoop.crypto.key.KeyShell$CreateCommand.execute(KeyShell.java:506) at org.apache.hadoop.crypto.key.KeyShell.run(KeyShell.java:91) at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70) at org.apache.hadoop.crypto.key.KeyShell.main(KeyShell.java:538) {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-dev-h...@hadoop.apache.org