elasticsearch
elasticsearch copied to clipboard
mesos
ZK Auth support
Our ZooKeeper cluster has ACL enabled. The framework scheduler starts as expected (when the zookepper url is username:password@zookeeper-host:2181) but when the esdemo task tries to start, it fails with this message:
I0817 10:28:59.375530 7 exec.cpp:132] Version: 0.22.1
I0817 10:28:59.440017 19 exec.cpp:206] Executor registered on slave 20150817-093955-657787039-15050-21356-S1
com.sonian.elasticsearch.zookeeper.client.ZooKeeperClientException: Cannot create node at /es
at com.sonian.elasticsearch.zookeeper.client.ZooKeeperClientService.createPersistentNode(ZooKeeperClientService.java:142)
at com.sonian.elasticsearch.zookeeper.client.ZooKeeperClientService.doStart(ZooKeeperClientService.java:92)
at org.elasticsearch.common.component.AbstractLifecycleComponent.start(AbstractLifecycleComponent.java:85)
at com.sonian.elasticsearch.zookeeper.settings.ZooKeeperSettingsManager.doStart(ZooKeeperSettingsManager.java:62)
at org.elasticsearch.common.component.AbstractLifecycleComponent.start(AbstractLifecycleComponent.java:85)
at com.sonian.elasticsearch.zookeeper.settings.ZooKeeperSettingsManager.loadZooKeeperSettings(ZooKeeperSettingsManager.java:85)
at com.sonian.elasticsearch.plugin.zookeeper.ZooKeeperPlugin.additionalSettings(ZooKeeperPlugin.java:47)
at org.elasticsearch.plugins.PluginsService.updatedSettings(PluginsService.java:214)
at org.elasticsearch.node.internal.InternalNode.<init>(InternalNode.java:158)
at org.elasticsearch.node.NodeBuilder.build(NodeBuilder.java:159)
at org.elasticsearch.node.NodeBuilder.node(NodeBuilder.java:166)
at org.apache.mesos.elasticsearch.executor.elasticsearch.ElasticsearchLauncher.launch(ElasticsearchLauncher.java:22)
at org.apache.mesos.elasticsearch.executor.mesos.ElasticsearchExecutor.launchTask(ElasticsearchExecutor.java:66)
Caused by: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /es
at org.apache.zookeeper.KeeperException.create(KeeperException.java:113)
at org.apache.zookeeper.KeeperException.create(KeeperException.java:51)
at org.apache.zookeeper.ZooKeeper.create(ZooKeeper.java:783)
at com.sonian.elasticsearch.zookeeper.client.ZooKeeperClientService$2.call(ZooKeeperClientService.java:131)
at com.sonian.elasticsearch.zookeeper.client.ZooKeeperClientService.zooKeeperCall(ZooKeeperClientService.java:574)
at com.sonian.elasticsearch.zookeeper.client.ZooKeeperClientService.createPersistentNode(ZooKeeperClientService.java:122)
... 12 more
Exception in thread "Thread-1" I0817 10:29:07.087577 19 exec.cpp:413] Deactivating the executor libprocess
What kind of permission is it missing? Isn't the ZooKeeper ACL inherited by the tasks?
Hi eirslett, Thanks for reporting this. We haven't implemented/tested any Auth functionality yet, so I'm not surprised it doesn't work. For now, we only support non-Authenticated ZK and Mesos sessions. I will leave this message here to serve as the reminder for ZK auth functionality. Thanks!
