You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Vijay Srinivasaraghavan (JIRA)" <ji...@apache.org> on 2015/10/05 16:24:27 UTC
[jira] [Created] (AMBARI-13312) Enbale Kerberos is not working
Vijay Srinivasaraghavan created AMBARI-13312:
------------------------------------------------
Summary: Enbale Kerberos is not working
Key: AMBARI-13312
URL: https://issues.apache.org/jira/browse/AMBARI-13312
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: trunk
Environment: SLES 11 SP3
Reporter: Vijay Srinivasaraghavan
I have installed MIT KDC server on host1. Hadoop cluster and Ambari Server running in host 2 (in two separate containers). I have created a hadoop cluster with ZK, YARN/MR2 and HDFS services. When I try to enable security by using existing KDC, I see below 2 issues.
1) Ambari server krb5.conf is not getting updated with the values supplied in UI
2) Service keytab (kerberos.service_check.100515.keytab) seems to be having some issues.
{code}
lglop193:/ # klist
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0)
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
lglop193:/ # cd /etc/security/keytabs/
lglop193:/etc/security/keytabs # ls
kerberos.service_check.100515.keytab
lglop193:/etc/security/keytabs # /usr/bin/kinit -c /var/lib/ambari-agent/tmp/kerberos_service_check_cc_8b60256b73fc5454fc5737d0a1ce9887 -kt /etc/security/keytabs/kerberos.service_check.100515.keytab C-100515@HADOOP.COM
kinit(v5): Key table entry not found while getting initial credentials
lglop193:/etc/security/keytabs # kinit C-100515 -k -t kerberos.service_check.100515.keytab
kinit(v5): Key table entry not found while getting initial credentials
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)