no available namenodes: SASL handshake: wrong Token ID. Expected 0504, was 607d

[mountainhua]

I think it is similar with this issue：https://github.com/colinmarc/hdfs/issues/274 here is my code

func newHDFSWithKerberosClient(volume models.Volume) (*HDFSClient, error) {
	addresses := strings.Split(volume.Storage.ServerAddresses, ",")
	credential := volume.Credential.HDFSKerberosCredential
	properties := volume.Storage.PropertiesMap
	kerberosClient, err := newKerberosClientWithKeyTab(
		properties[models.KerberosRealm], properties[models.KerberosKDC], credential)
	if err != nil {
		log.Logger.Error("new kerberos client failed, volume id[%s], err[%v]", volume.ID, err)
		return nil, err
	}

	dialFunc := (&net.Dialer{
		Timeout:   time.Duration(HDFSConnTimeOut) * time.Second,
		KeepAlive: 5 * time.Second,
		DualStack: true,
	}).DialContext

	principalName := strings.Split(volume.Storage.PropertiesMap[models.KerberosNameNodePrincipal], "@")[0]
	option := hdfs.ClientOptions{
		Addresses:                    addresses,
		NamenodeDialFunc:             dialFunc,
		DatanodeDialFunc:             dialFunc,
		KerberosClient:               kerberosClient,
		KerberosServicePrincipleName: principalName,
		DataTransferProtection:       volume.Storage.PropertiesMap[models.DataTransferProtection],
	}

	log.Logger.Info("new hdfs kerberos client volume id[%s], options[%+v]", volume.ID, option)
	client, err := hdfs.NewClient(option)
	if err != nil {
		log.Logger.Error("Create HDFS kerberos client failed, volume id[%s], credential[%+v], principalName[%s], err[%v]",
			volume.ID, credential, principalName, err)
		return nil, err
	}
	return &HDFSClient{Client: client}, nil
}

when it connected to hdfs with Kerberos，it returns no available namenodes: SASL handshake: wrong Token ID. Expected 0504, was 607d. the error message is occured in this line Actually, I have no idea what 607d stands for

[meoww-bot]

Here's my code, hope it helps

func NewHDFSClient(principal, password string, nodenames []string) (*hdfs.Client, error) {

	conf, err := hadoopconf.LoadFromEnvironment()

	principalUser := strings.Split(principal, "@")[0]
	if err != nil {
		slog.Error("Problem loading configuration ", "msg", err)
		return nil, err
	}
	options := hdfs.ClientOptionsFromConf(conf)

	// log.Printf("ClientOptionsFromConf options: %+v\n", options)

	options.Addresses = nodenames
	options.KerberosClient, err = lib.CreateKerberosClientWithPassword(principal, password)
	if err != nil {
		slog.Error("CreateKerberosClientWithPassword error", "msg", err)
		return nil, err
	}
	options.KerberosServicePrincipleName = "nn/_HOST"
	options.DataTransferProtection = "privacy"
	options.User = principalUser

	creds := options.KerberosClient.Credentials

	slog.Debug("options ", "Addresses:", options.Addresses)
	slog.Debug("options ", "KerberosClient:", options.KerberosClient)
	slog.Debug("options ", "KerberosServicePrincipleName:", options.KerberosServicePrincipleName)
	slog.Debug("options ", "User:", options.User)
	slog.Debug("options ", "creds:", options.KerberosClient.Credentials)
	slog.Debug("options ", "creds User", creds.UserName())
	slog.Debug("options ", "creds realm", creds.Realm())

	// log.Printf("reformat options: %+v\n", options)

	client, err := hdfs.NewClient(options)

	if err != nil {
		return nil, err
	}

	return client, nil
}