[
https://issues.apache.org/jira/browse/FLINK-6117?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15944797#comment-15944797
]
ASF GitHub Bot commented on FLINK-6117:
---------------------------------------
Github user gaqzcb commented on the issue:
https://github.com/apache/flink/pull/3600
@EronWright @vijikarthi If you find the time, pls review this patch.
> 'zookeeper.sasl.disable' not takes effet when starting CuratorFramework
> ------------------------------------------------------------------------
>
> Key: FLINK-6117
> URL: https://issues.apache.org/jira/browse/FLINK-6117
> Project: Flink
> Issue Type: Sub-task
> Components: Client, JobManager
> Affects Versions: 1.2.0
> Environment: Ubuntu, non-secured
> Reporter: CanBin Zheng
> Assignee: CanBin Zheng
> Labels: security
> Original Estimate: 336h
> Remaining Estimate: 336h
>
> The value of 'zookeeper.sasl.disable' not used in the right way when starting
> CuratorFramework.
> Here are all the settings relevant to high-availability in my flink-conf.yaml:
> high-availability: zookeeper
> high-availability.zookeeper.quorum: localhost:2181
> high-availability.zookeeper.storageDir: hdfs:///flink/ha/
> Obviously, no explicit value is set for 'zookeeper.sasl.disable' so default
> value of 'true'(ConfigConstants.DEFAULT_ZOOKEEPER_SASL_DISABLE) would be
> applied. But when FlinkYarnSessionCli & FlinkApplicationMasterRunner start,
> both logs show that they attempt connecting to zookeeper in 'SASL' mode.
> logs are like this:
> 2017-03-18 23:53:10,498 INFO org.apache.zookeeper.ZooKeeper
> - Initiating client connection, connectString=localhost:2181
> sessionTimeout=60000
> watcher=org.apache.flink.shaded.org.apache.curator.ConnectionState@5949eba8
> 2017-03-18 23:53:10,498 INFO org.apache.zookeeper.ZooKeeper
> - Initiating client connection, connectString=localhost:2181
> sessionTimeout=60000
> watcher=org.apache.flink.shaded.org.apache.curator.ConnectionState@5949eba8
> 2017-03-18 23:53:10,522 WARN org.apache.zookeeper.ClientCnxn
> - SASL configuration failed:
> javax.security.auth.login.LoginException: No JAAS configuration section named
> 'Client' was found in specified JAAS configuration file:
> '/tmp/jaas-3047036396963510842.conf'. Will continue connection to Zookeeper
> server without SASL authentication, if Zookeeper server allows it.
> 2017-03-18 23:53:10,522 WARN org.apache.zookeeper.ClientCnxn
> - SASL configuration failed:
> javax.security.auth.login.LoginException: No JAAS configuration section named
> 'Client' was found in specified JAAS configuration file:
> '/tmp/jaas-3047036396963510842.conf'. Will continue connection to Zookeeper
> server without SASL authentication, if Zookeeper server allows it.
> 2017-03-18 23:53:10,530 INFO org.apache.zookeeper.ClientCnxn
> - Opening socket connection to server localhost/127.0.0.1:2181
> 2017-03-18 23:53:10,530 INFO org.apache.zookeeper.ClientCnxn
> - Opening socket connection to server localhost/127.0.0.1:2181
> 2017-03-18 23:53:10,534 ERROR
> org.apache.flink.shaded.org.apache.curator.ConnectionState -
> Authentication failed
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
