Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

s3a issue when endpoint set to fs.s3a.endpoint=s3.us-east-2.amazonaws.com

avatar
author-rank ykai
New Contributor

Created on ‎01-05-2020 10:30 PM - last edited on ‎01-05-2020 11:54 PM by Community Manager Community Manager

Hi,
I got a problem when set the different endpoint.
First bucket content was got correctly using the below command:
hadoop fs -D fs.s3a.access.key={AccKey1} -D fs.s3a.secret.key={SecKey1} -D fs.s3a.endpoint=s3.us-west-2.amazonaws.com -ls s3a://{BucketName1}/
The second bucket at another region "us-east-2" always replied error message when I use the below command:
hadoop fs -D fs.s3a.access.key={AccKey2} -D fs.s3a.secret.key={SecKey2} -D fs.s3a.endpoint=s3.us-east-2.amazonaws.com -ls s3a://{BucketName2}/

The error log is
com.cloudera.com.amazonaws.services.s3.model.AmazonS3Exception: Status Code: 400, AWS Service: Amazon S3, AWS Request ID: E4071D35B7EDCBC8, AWS Error Code: null, AWS Error Message: Bad Request, S3 Extended Request ID: hx3VeopeIlTm52qhKLJPlXKqvNJ9mspzz+MTsx5WAgjgbodKhiBPfL7wFwSdWdi4maunkaF4eDQ=
at com.cloudera.com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:798)
at com.cloudera.com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:421)

........................

........................

The access key, secret key and bucket name is no problem because I can access it by S3 browser tool.

My Hadoop version is "Hadoop 2.6.0-cdh5.5.1"


thanks

11,507 Views
0 Kudos
1 REPLY 1

avatar
author-rank stevel author-rank
Guru

Created ‎03-11-2020 09:08 AM

I'm going to point you at the S3A troubleshooting docs, where we try to match error messages to root causes, though "bad request" is a broad issue -one AWS don't provide details on for security reasons

 

https://hadoop.apache.org/docs/r2.8.0/hadoop-aws/tools/hadoop-aws/index.html#Troubleshooting_S3A

 

for a us-west-2 endpoint you can/should just stick with the main endpoint. If you do change, you may have to worry about s3 signing algorithms. Depending on the specific version of CDH you are using that's  a hadoop config option; for the older versions, it's a JVM property which is tricky to propagate over hadoop application deployments. 

 

Summary:

* try to just stick to the central endpoint

* if you need to use a "V4 only endpoint", try and use the most recent version of CDH you can and use the fs.s3a.signing.algorithm option

11,437 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements