You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by Robert Levas <rl...@hortonworks.com> on 2015/05/11 21:03:21 UTC
Review Request 34051: falcon client not initalizing for secure
clusters
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/34051/
-----------------------------------------------------------
Review request for Ambari, Arpit Gupta and Sowmya Ramesh.
Bugs: AMBARI-11043
https://issues.apache.org/jira/browse/AMBARI-11043
Repository: ambari
Description
-------
```
# falcon admin -version
ERROR: Unable to initialize Falcon Client object
```
#Solution
_(proposed by Falcon developers)_
The *.falcon.http.authentication.kerberos.name.rules need to be uodated such that they are the same as hadoop.security.auth_to_local. To do this, add the following under the relevant service item in the Falcon kerberos.json file:
```
"auth_to_local_properties" : [
"falcon-startup.properties/*.falcon.http.authentication.kerberos.name.rules"
],
```
For example:
```
{
"services": [
{
"name": "FALCON",
...
"auth_to_local_properties" : [
"falcon-startup.properties/*.falcon.http.authentication.kerberos.name.rules"
],
...
}
]
}
```
Diffs
-----
ambari-server/src/main/resources/common-services/FALCON/0.5.0.2.1/kerberos.json 6f34933
Diff: https://reviews.apache.org/r/34051/diff/
Testing
-------
Manaully tested to see if `falcon admin -version` worked in Kerberized cluster (as ambari-qa@EXAMPLE.COM and as HTTP/_host_@EXAMPLE.COM)
Thanks,
Robert Levas
Re: Review Request 34051: falcon client not initalizing for secure
clusters
Posted by Sowmya Ramesh <sr...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/34051/#review83269
-----------------------------------------------------------
Ship it!
LGTM. Thanks!
- Sowmya Ramesh
On May 11, 2015, 7:03 p.m., Robert Levas wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/34051/
> -----------------------------------------------------------
>
> (Updated May 11, 2015, 7:03 p.m.)
>
>
> Review request for Ambari, Arpit Gupta and Sowmya Ramesh.
>
>
> Bugs: AMBARI-11043
> https://issues.apache.org/jira/browse/AMBARI-11043
>
>
> Repository: ambari
>
>
> Description
> -------
>
> ```
> # falcon admin -version
> ERROR: Unable to initialize Falcon Client object
> ```
>
> #Solution
> _(proposed by Falcon developers)_
> The *.falcon.http.authentication.kerberos.name.rules need to be uodated such that they are the same as hadoop.security.auth_to_local. To do this, add the following under the relevant service item in the Falcon kerberos.json file:
>
> ```
> "auth_to_local_properties" : [
> "falcon-startup.properties/*.falcon.http.authentication.kerberos.name.rules"
> ],
> ```
>
> For example:
>
> ```
> {
> "services": [
> {
> "name": "FALCON",
> ...
> "auth_to_local_properties" : [
> "falcon-startup.properties/*.falcon.http.authentication.kerberos.name.rules"
> ],
> ...
> }
> ]
> }
> ```
>
>
> Diffs
> -----
>
> ambari-server/src/main/resources/common-services/FALCON/0.5.0.2.1/kerberos.json 6f34933
>
> Diff: https://reviews.apache.org/r/34051/diff/
>
>
> Testing
> -------
>
> Manaully tested to see if `falcon admin -version` worked in Kerberized cluster (as ambari-qa@EXAMPLE.COM and as HTTP/_host_@EXAMPLE.COM)
>
>
> Thanks,
>
> Robert Levas
>
>