You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by "ighack (Jira)" <ji...@apache.org> on 2021/07/16 01:48:00 UTC

[jira] [Commented] (ATLAS-4361) Hive Hook can't send notification

    [ https://issues.apache.org/jira/browse/ATLAS-4361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17381652#comment-17381652 ] 

ighack commented on ATLAS-4361:
-------------------------------

[Atlas Notifier 0]: ProducerConfig values: 
 acks = 1
 batch.size = 16384
 bootstrap.servers = [bigdser1:9092, bigdser2:9092, bigdser3:9092, bigdser4:9092, bigdser5:9092]
 buffer.memory = 33554432
 client.dns.lookup = default
 client.id = 
 compression.type = none
 connections.max.idle.ms = 540000
 delivery.timeout.ms = 120000
 enable.idempotence = false
 interceptor.classes = []
 key.serializer = class org.apache.kafka.common.serialization.StringSerializer
 linger.ms = 0
 max.block.ms = 60000
 max.in.flight.requests.per.connection = 5
 max.request.size = 1048576
 metadata.max.age.ms = 300000
 metric.reporters = []
 metrics.num.samples = 2
 metrics.recording.level = INFO
 metrics.sample.window.ms = 30000
 partitioner.class = class org.apache.kafka.clients.producer.internals.DefaultPartitioner
 receive.buffer.bytes = 32768
 reconnect.backoff.max.ms = 1000
 reconnect.backoff.ms = 50
 request.timeout.ms = 30000
 retries = 2147483647
 retry.backoff.ms = 100
 sasl.client.callback.handler.class = null
 sasl.jaas.config = [hidden]
 sasl.kerberos.kinit.cmd = /usr/bin/kinit
 sasl.kerberos.min.time.before.relogin = 60000
 sasl.kerberos.service.name = kafka
 sasl.kerberos.ticket.renew.jitter = 0.05
 sasl.kerberos.ticket.renew.window.factor = 0.8
 sasl.login.callback.handler.class = null
 sasl.login.class = null
 sasl.login.refresh.buffer.seconds = 300
 sasl.login.refresh.min.period.seconds = 60
 sasl.login.refresh.window.factor = 0.8
 sasl.login.refresh.window.jitter = 0.05
 sasl.mechanism = GSSAPI
 security.protocol = SASL_PLAINTEXT
 send.buffer.bytes = 131072
 ssl.cipher.suites = null
 ssl.enabled.protocols = [TLSv1.2, TLSv1.1, TLSv1]
 ssl.endpoint.identification.algorithm = null
 ssl.key.password = null
 ssl.keymanager.algorithm = SunX509
 ssl.keystore.location = null
 ssl.keystore.password = null
 ssl.keystore.type = JKS
 ssl.protocol = TLS
 ssl.provider = null
 ssl.secure.random.implementation = null
 ssl.trustmanager.algorithm = PKIX
 ssl.truststore.location = null
 ssl.truststore.password = null
 ssl.truststore.type = JKS
 transaction.timeout.ms = 60000
 transactional.id = null
 value.serializer = class org.apache.kafka.common.serialization.StringSerializer

> Hive Hook can't send notification
> ---------------------------------
>
>                 Key: ATLAS-4361
>                 URL: https://issues.apache.org/jira/browse/ATLAS-4361
>             Project: Atlas
>          Issue Type: Bug
>          Components: hive-integration
>    Affects Versions: 2.1.0
>            Reporter: ighack
>            Priority: Blocker
>
> when I create a view
> I get a error 
>  
> Caused by: javax.security.auth.login.LoginException: Could not login: the client is being asked for a password, but the Kafka client code does not currently support obtaining a password from the user. not available to garner authentication information from the user
>  
> but I make sure keytab and principal is OK
> #Enable for Kerberized Kafka clusters
>  atlas.notification.kafka.service.principal=jztwk/hadoop@JOIN.COM
>  atlas.notification.kafka.keytab.location=/hadoop/app/jztwk.keytab
>  atlas.kafka.security.protocol=SASL_PLAINTEXT
>  atlas.kafka.sasl.kerberos.service.name=kafka
> ##############JAAS Configuration ########
> atlas.jaas.KafkaClient.loginModuleName=com.sun.security.auth.module.Krb5LoginModule
>  atlas.jaas.KafkaClient.loginModuleControlFlag=required
>  atlas.jaas.KafkaClient.option.useKeyTab=true
>  atlas.jaas.KafkaClient.option.storeKey=true
>  atlas.jaas.KafkaClient.option.serviceName=kafka
>  atlas.jaas.KafkaClient.option.keyTab=/hadoop/app/jztwk.keytab
>  [atlas.jaas.KafkaClient.option.principal=jztwk/hadoop@JOIN.COM|mailto:atlas.jaas.KafkaClient.option.principal=jztwk/hadoop@JOIN.COM]
>  
> and I modify [KafkaNotification.java|https://sourcegraph.com/github.com/apache/atlas/-/blob/notification/src/main/java/org/apache/atlas/kafka/KafkaNotification.java] add a debug
> LOG.debug("sasl.jaas.config is " + newJaasProperty);
>  
> I see  
> sasl.jaas.config is  *com.sun.security.auth.module.Krb5LoginModule required keyTab="/hadoop/app/jztwk.keytab" storeKey=true useKeyTab=true principal="jztwk/hadoop@JOIN.COM" ;*
> in log 
> I use this config to my application.
> that is OK.
>  
> Properties props = new Properties();
>  props.put("bootstrap.servers", "bigdser1:9092,bigdser2:9092,bigdser3:9092,bigdser4:9092,bigdser5:9092");
> System.setProperty("java.security.krb5.conf","D:/file/krb5.conf");
> props.put("sasl.jaas.config","com.sun.security.auth.module.Krb5LoginModule required keyTab=\"D:/file/jztwk.keytab\" storeKey=true useKeyTab=true principal=\"jztwk/hadoop@JOIN.COM\" ;");
>  props.put("security.protocol", "SASL_PLAINTEXT");
>  props.put("sasl.kerberos.service.name", "kafka");
> props.put("key.serializer", "org.apache.kafka.common.serialization.StringSerializer");
>  props.put("value.serializer", "org.apache.kafka.common.serialization.StringSerializer");
>  KafkaProducer<String,String> producer = new KafkaProducer<>(props);
>  
> and I can run import-hive.sh
> so, I don't understand why



--
This message was sent by Atlassian Jira
(v8.3.4#803005)