[jira] [Created] (APEXCORE-746) Application fails to run in TLS/SSL enabled cluster because of a stram web service error

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Created] (APEXCORE-746) Application fails to run in TLS/SSL enabled cluster because of a stram web service error

JIRA jira@apache.org
Velineni Lakshmi Prasanna created APEXCORE-746:
--------------------------------------------------

             Summary: Application fails to run in TLS/SSL enabled cluster because of a stram web service error
                 Key: APEXCORE-746
                 URL: https://issues.apache.org/jira/browse/APEXCORE-746
             Project: Apache Apex Core
          Issue Type: Bug
         Environment: CDH 5.11.0 + TLS/SSL enabled
            Reporter: Velineni Lakshmi Prasanna


In the specified environment with TLS/SSL enabled, an application this is launched fails to get to a running state. It gets stuck in accepted state.

On further debugging, the app master starts but gets stuck failing to initialize the stram web service and eventually fails with the following exception

java.io.IOException: !JsseListener: java.lang.NullPointerException
        at org.mortbay.jetty.security.SslSocketConnector.newServerSocket(SslSocketConnector.java:531)
        at org.apache.hadoop.security.ssl.SslSocketConnectorSecure.newServerSocket(SslSocketConnectorSecure.java:46)
        at org.mortbay.jetty.bio.SocketConnector.open(SocketConnector.java:73)
        at org.apache.hadoop.http.HttpServer2.openListeners(HttpServer2.java:953)
        at org.apache.hadoop.http.HttpServer2.start(HttpServer2.java:894)
        at org.apache.hadoop.yarn.webapp.WebApps$Builder.start(WebApps.java:274)
        at com.datatorrent.stram.StreamingAppMasterService.serviceStart(StreamingAppMasterService.java:636)
        at org.apache.hadoop.service.AbstractService.start(AbstractService.java:193)
        at com.datatorrent.stram.StreamingAppMaster.main(StreamingAppMaster.java:103)
2017-06-16 07:46:48,530 ERROR com.datatorrent.stram.StreamingAppMasterService: Webapps failed to start. Ignoring for now:
org.apache.hadoop.yarn.webapp.WebAppException: Error starting http server
        at org.apache.hadoop.yarn.webapp.WebApps$Builder.start(WebApps.java:279)
        at com.datatorrent.stram.StreamingAppMasterService.serviceStart(StreamingAppMasterService.java:636)
        at org.apache.hadoop.service.AbstractService.start(AbstractService.java:193)
        at com.datatorrent.stram.StreamingAppMaster.main(StreamingAppMaster.java:103)
Caused by: java.io.IOException: !JsseListener: java.lang.NullPointerException
        at org.mortbay.jetty.security.SslSocketConnector.newServerSocket(SslSocketConnector.java:531)
        at org.apache.hadoop.security.ssl.SslSocketConnectorSecure.newServerSocket(SslSocketConnectorSecure.java:46)
        at org.mortbay.jetty.bio.SocketConnector.open(SocketConnector.java:73)
        at org.apache.hadoop.http.HttpServer2.openListeners(HttpServer2.java:953)
        at org.apache.hadoop.http.HttpServer2.start(HttpServer2.java:894)
        at org.apache.hadoop.yarn.webapp.WebApps$Builder.start(WebApps.java:274)

Debugging deeper, this is because the SSL credentials don't get passed on to the underlying jetty subsystem that is being used by hadoop for the web server functionality. These credentials were configured in CDH and are being used by the hadoop web services without any problem.

The workaround to get past this and get the application running is to pass the credentials explicitly when launching the application by specifying the following attribute

dt.attr.CONTAINER_JVM_OPTIONS : -Djetty.ssl.keypassword=<keypassword> -Djetty.ssl.password=<keystorepassword>



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)