You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flink.apache.org by "Tzu-Li (Gordon) Tai (JIRA)" <ji...@apache.org> on 2017/01/20 15:56:26 UTC
[jira] [Resolved] (FLINK-5580) Kerberos keytabs not working for
YARN deployment mode
[ https://issues.apache.org/jira/browse/FLINK-5580?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tzu-Li (Gordon) Tai resolved FLINK-5580.
----------------------------------------
Resolution: Fixed
> Kerberos keytabs not working for YARN deployment mode
> -----------------------------------------------------
>
> Key: FLINK-5580
> URL: https://issues.apache.org/jira/browse/FLINK-5580
> Project: Flink
> Issue Type: Bug
> Components: Security, YARN
> Reporter: Tzu-Li (Gordon) Tai
> Assignee: Tzu-Li (Gordon) Tai
> Priority: Critical
> Fix For: 1.2.0
>
>
> Setup: Kerberos security using keytabs, Flink session on YARN deployment (in standalone, it works fine without problems).
> I’m getting these error messages in the YARN node managers, causing the TaskManager containers to fail to start properly:
> {{org.apache.hadoop.security.UserGroupInformation: PriviledgedActionException as:tzulitai (auth:SIMPLE) cause:org.apache.hadoop.security.AccessControlException: Client cannot authenticate via:[TOKEN, KERBEROS]}}
> The security configuration for Hadoop has been set to "kerberos", to the "auto: SIMPLE" seems very strange. It also seems as if credential tokens has not been properly set for the {{ContainerLaunchContext}} s, which may be an issue causing this.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)