You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@metron.apache.org by David McGinnis <mc...@avalonconsult.com> on 2018/10/30 19:29:01 UTC

Kerberos Authentication for Enrichments Parser?

All,

I'm trying to get Metron 0.4.3 set up on a secured HDP cluster. I've been
able to get the parser topology working properly, but now the enrichments
topology is giving me the following error. It appears to happen when it is
trying to read HDFS for the Geo-location database. I've removed all usage
of the geo-location feature from my parser, but it still is trying to do
this, and stopping the enrichment because of it. I've double-checked, and
all JAAS files and keytabs are globally readable (for the purposes of
testing), and checked that /usr/metron/0.4.3/client_jaas.conf and
/home/metron/.storm/client_jaas.conf both made sense. Above this error
there is a note that seems to indicate that it is looking for the Client
stanza, which both files have.

Any ideas on what steps we need to take in order to make sure that the
topology is properly authenticated? Which JAAS file is this actually using,
or how do I determine for sure?

*java.io.IOException: Failed on local exception: java.io.IOException:
javax.security.sasl.SaslException: GSS initiate failed [Caused by
GSSException: No valid credentials provided (Mechanism level: Failed to
find any Kerberos tgt)]; Host Details : local host is: "<MetronHost>";
destination host is: "<HDFSNameNode>":8020;*




-- 
David McGinnis
Staff Hadoop Consultant | Avalon Consulting, LLC
<http://www.avalonconsult.com/>M: (513) 439-0082
LinkedIn <http://www.linkedin.com/company/avalon-consulting-llc> | Google+
<http://www.google.com/+AvalonConsultingLLC> | Twitter
<https://twitter.com/avalonconsult>
-------------------------------------------------------------------------------------------------------------
This message (including any attachments) contains confidential information
intended for a specific individual and purpose, and is protected by law. If
you are not the intended recipient, you should delete this message. Any
disclosure, copying, or distribution of this message, or the taking of any
action based on it, is strictly prohibited.