Here is part of hfs-site.xml <property> <name>dfs.secondary.namenode.keytab.file</name> <value>/etc/hadoop/conf/hdfs.keytab</value> <!-- path to the HDFS keytab --> </property> <property> <name>dfs.secondary.namenode.kerberos.principal</name> <value>postg...@cw.com</value> </property> <property> <name>dfs.secondary.namenode.kerberos.internal.spnego.principal</name> <value>h...@cw.com</value> </property>
<!-- DataNode security config and SASL --> <property> <name>dfs.datanode.data.dir.perm</name> <value>700</value> </property> <property> <name>dfs.datanode.address</name> <value>0.0.0.0:1004</value> </property> <property> <name>dfs.datanode.http.address</name> <value>0.0.0.0:1006</value> </property> <property> <name>dfs.datanode.keytab.file</name> <value>/etc/hadoop/conf/hdfs.keytab</value> <!-- path to the HDFS keytab --> </property> <property> <name>dfs.datanode.kerberos.principal</name> <value>postg...@cw.com</value> </property> <property> <name>dfs.data.transfer.protection</name> <value>integrity</value> </property> <property> <name>dfs.http.policy</name> <value>HTTP_ONLY</value> </property> <!-- Web Authentication config --> <property> <name>dfs.web.authentication.kerberos.principal</name> <value>h...@cw.com</value> </property> > On 21 Jun 2018, at 4:52 PM, ZongtianHou <zongtian...@icloud.com> wrote: > > Hi,everyone: > I am setting up kerberos for Hadoop cluster, but when starting the datanode, > the following error happened: > java.lang.RuntimeException: Cannot start secure DataNode without configuring > either privileged resources or SASL RPC data transfer protection and SSL for > HTTP. Using privileged resources in combination with SASL RPC data transfer > protection is not supported. > I have searched the internet for a while but still can’t solve the issue, > does anyone have a clue?