[
https://issues.apache.org/jira/browse/HDFS-2579?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13203271#comment-13203271
]
Jitendra Nath Pandey commented on HDFS-2579:
--------------------------------------------
bq. The issue is that the "stopSecretManager" call is holding the FSNamesystem
lock, but the secret manager thread is waiting on the same lock.
Another possible approach: Secret manager acquires namesystem write lock using
tryLock with a timeout, in a loop and checks the "running" flag before
attempting tryLock. Since it is not a deadlock situation, stopSecretManager
will be able to mark running as false.
> Starting delegation token manager during safemode fails
> -------------------------------------------------------
>
> Key: HDFS-2579
> URL: https://issues.apache.org/jira/browse/HDFS-2579
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: ha, name-node, security
> Affects Versions: HA branch (HDFS-1623)
> Reporter: Todd Lipcon
> Assignee: Todd Lipcon
> Attachments: hdfs-2579.txt, hdfs-2579.txt, hdfs-2579.txt
>
>
> I noticed this on the HA branch, but it seems to actually affect non-HA
> branch 0.23 if security is enabled. When the NN starts up, if security is
> enabled, we start the delegation token secret manager, which then tries to
> call {{logUpdateMasterKey}}. This fails because the edit logs may not be
> written while in safe-mode.
> It seems to me that there's not any necessary reason that you have to make a
> new master key at startup, since you've loaded the old key when you load the
> FSImage. You'd only be lacking a DT master key on a fresh cluster, in which
> case we could have it generate one at format time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
