Support Questions

Find answers, ask questions, and share your expertise

Data at Rest Encryption - Error in creating encryption zone

avatar
Expert Contributor

hi , here is what i've done -

- Installed & setup Ranger KMS

- Created encryption key (using superuser - encr)

- when i try to create an Encryption zone, it gives 'Remote Exception' shown below.

---------------

[encr@sandbox ~]$ hdfs crypto -createZone -keyName key1 -path /zone_encr

RemoteException:

--------------

Log file (/var/log/ranger/kms/kms.log) shows the following error ->

Any ideas on what needs to be done to fix this ? ----------------------------------------------------

2017-01-20 23:02:23,207 DEBUG PolicyRefresher - PolicyRefresher(serviceName=Sandbox_kms).run(): no update found. lastKnownVersion=6 2017-01-20 23:02:23,207 DEBUG PolicyRefresher - <== PolicyRefresher(serviceName=Sandbox_kms).loadPolicyfromPolicyAdmin() 2017-01-20 23:02:23,207 DEBUG PolicyRefresher - <== PolicyRefresher(serviceName=Sandbox_kms).loadPolicy() 2017-01-20 23:02:24,562 DEBUG LimitLatch - Counting up[http-bio-9292-Acceptor-0] latch=1 2017-01-20 23:02:24,563 DEBUG Http11Processor

- Error parsing HTTP request header java.io.EOFException: Unexpected EOF read on the socket at org.apache.coyote.http11.Http11Processor.setRequestLineReadTimeout(Http11Processor.java:168) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:982) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:314) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745) 2017-01-20 23:02:24,563 DEBUG Http11Protocol - Socket: [org.apache.tomcat.util.net.SocketWrapper@5f356f71:Socket[addr=/10.0.2.15,port=33340,localport=9292]], Status in: [OPEN_READ], State out: [CLOSED]

1 ACCEPTED SOLUTION

avatar
Expert Contributor

manually create user - nn, provided access to users 'nn' & 'hdfs' to to fix the issue,

reference - https://community.hortonworks.com/questions/41938/creating-encryption-zone-fails-on-a-kerberized-sin...

View solution in original post

2 REPLIES 2

avatar
Expert Contributor

@Ali Bajwa , @apappu - any ideas on this ?

avatar
Expert Contributor

manually create user - nn, provided access to users 'nn' & 'hdfs' to to fix the issue,

reference - https://community.hortonworks.com/questions/41938/creating-encryption-zone-fails-on-a-kerberized-sin...