You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@storm.apache.org by "Adam Muise (JIRA)" <ji...@apache.org> on 2015/01/21 17:27:34 UTC
[jira] [Comment Edited] (STORM-633) Nimbus - HTTP Error 413 full
HEAD if using kerberos authentication
[ https://issues.apache.org/jira/browse/STORM-633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14285831#comment-14285831 ]
Adam Muise edited comment on STORM-633 at 1/21/15 4:26 PM:
-----------------------------------------------------------
Sri,
Kevin and I are on the same cluster. Here is the cleansed storm.yaml:
dev.zookeeper.path : '/tmp/dev-storm-zookeeper'
drpc.childopts : '-Xmx768m -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf'
drpc.invocations.port : 3773
drpc.port : 3772
drpc.queue.size : 128
drpc.request.timeout.secs : 600
drpc.worker.threads : 64
java.library.path : '/usr/local/lib:/opt/local/lib:/usr/lib:/usr/hdp/current/storm-client/lib'
logviewer.appender.name : 'A1'
logviewer.childopts : '-Xmx128m -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf'
logviewer.port : 8000
nimbus.childopts : '-Xmx1024m -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf -javaagent:/usr/hdp/current/storm-nimbus/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=ac95edimstr01xxxxxxx,port=8649,wireformat31x=true,mode=multicast,config=/usr/hdp/current/storm-nimbus/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Nimbus_JVM -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf'
nimbus.cleanup.inbox.freq.secs : 600
nimbus.file.copy.expiration.secs : 600
nimbus.host : 'ac95edimstr02xxxxxxxxx'
nimbus.inbox.jar.expiration.secs : 3600
nimbus.monitor.freq.secs : 10
nimbus.reassign : true
nimbus.supervisor.timeout.secs : 60
nimbus.task.launch.secs : 120
nimbus.task.timeout.secs : 30
nimbus.thrift.max_buffer_size : 1048576
nimbus.thrift.port : 6627
nimbus.topology.validator : 'backtype.storm.nimbus.DefaultTopologyValidator'
storm.cluster.mode : 'distributed'
storm.local.dir : '/opt/hadoop/storm'
storm.local.mode.zmq : false
storm.messaging.netty.buffer_size : 5242880
storm.messaging.netty.client_worker_threads : 1
storm.messaging.netty.max_retries : 30
storm.messaging.netty.max_wait_ms : 1000
storm.messaging.netty.min_wait_ms : 100
storm.messaging.netty.server_worker_threads : 1
storm.messaging.transport : 'backtype.storm.messaging.netty.Context'
storm.zookeeper.connection.timeout : 15000
storm.zookeeper.port : 2181
storm.zookeeper.retry.interval : 1000
storm.zookeeper.retry.intervalceiling.millis : 30000
storm.zookeeper.retry.times : 5
storm.zookeeper.root : '/storm'
storm.zookeeper.servers : ['ac95edimstr01xxxxxx','ac95edimstr02xxxxxxx','ac95edidata01xxxxxxxx']
storm.zookeeper.session.timeout : 20000
supervisor.childopts : '-Xmx256m -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=56431 -javaagent:/usr/hdp/current/storm-supervisor/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=ac95edimstr01xxxxxxx,port=8650,wireformat31x=true,mode=multicast,config=/usr/hdp/current/storm-supervisor/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Supervisor_JVM -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf'
supervisor.heartbeat.frequency.secs : 5
supervisor.monitor.frequency.secs : 3
supervisor.slots.ports : [6700, 6701]
supervisor.worker.start.timeout.secs : 120
supervisor.worker.timeout.secs : 30
task.heartbeat.frequency.secs : 3
task.refresh.poll.secs : 10
topology.acker.executors : null
topology.builtin.metrics.bucket.size.secs : 60
topology.debug : false
topology.disruptor.wait.strategy : 'com.lmax.disruptor.BlockingWaitStrategy'
topology.enable.message.timeouts : true
topology.error.throttle.interval.secs : 10
topology.executor.receive.buffer.size : 1024
topology.executor.send.buffer.size : 1024
topology.fall.back.on.java.serialization : true
topology.kryo.factory : 'backtype.storm.serialization.DefaultKryoFactory'
topology.max.error.report.per.interval : 5
topology.max.spout.pending : null
topology.max.task.parallelism : null
topology.message.timeout.secs : 30
topology.optimize : true
topology.receiver.buffer.size : 8
topology.skip.missing.kryo.registrations : false
topology.sleep.spout.wait.strategy.time.ms : 1
topology.spout.wait.strategy : 'backtype.storm.spout.SleepSpoutWaitStrategy'
topology.state.synchronization.timeout.secs : 60
topology.stats.sample.rate : 0.05
topology.tick.tuple.freq.secs : null
topology.transfer.buffer.size : 1024
topology.trident.batch.emit.interval.millis : 500
topology.tuple.serializer : 'backtype.storm.serialization.types.ListDelegateSerializer'
topology.worker.childopts : null
topology.worker.shared.thread.pool.size : 4
topology.workers : 1
transactional.zookeeper.port : null
transactional.zookeeper.root : '/transactional'
transactional.zookeeper.servers : null
ui.childopts : '-Xmx768m -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf -Dorg.eclipse.jetty.server.ssl.SslSocketConnector.requestHeaderSize=65535 -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf'
ui.port : 8744
worker.childopts : '-Xmx768m -Djava.security.auth.login.config=/etc/storm/conf/storm_jaas.conf -javaagent:/usr/hdp/current/storm-client/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=ac95edimstr01xxxxxxx,port=8650,wireformat31x=true,mode=multicast,config=/usr/hdp/current/storm-client/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Worker_%ID%_JVM'
worker.heartbeat.frequency.secs : 1
zmq.hwm : 0
zmq.linger.millis : 5000
zmq.threads : 1
storm.thrift.transport : "backtype.storm.security.auth.kerberos.KerberosSaslTransportPlugin"
#
# Kerberos security section. For the reference please use: https://github.com/hortonworks/storm/blob/champlain/SECURITY.md for details
#
storm.principal.tolocal: "backtype.storm.security.auth.KerberosPrincipalToLocal"
storm.zookeeper.superACL: "sasl:edi_storm"
java.security.auth.login.config: "/etc/storm/conf/storm_jaas.conf"
nimbus.admins:
- "edi_storm"
nimbus.supervisor.users:
- "edi_storm"
nimbus.authorizer: "backtype.storm.security.auth.authorizer.SimpleACLAuthorizer"
drpc.authorizer: "backtype.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer"
ui.filter: "org.apache.hadoop.security.authentication.server.AuthenticationFilter"
ui.filter.params:
"type": "kerberos"
"kerberos.principal": "HTTP/ac95edimstr02xxxxxxx@XXXXXX.ORG"
"kerberos.keytab": "/opt/hadoop/keytabs/spnego.service.keytab"
"kerberos.name.rules": "DEFAULT"
supervisor.enable: true
was (Author: amuise):
Sri,
Kevin and I are on the same cluster. Here is the cleansed storm.yaml:
> Nimbus - HTTP Error 413 full HEAD if using kerberos authentication
> ------------------------------------------------------------------
>
> Key: STORM-633
> URL: https://issues.apache.org/jira/browse/STORM-633
> Project: Apache Storm
> Issue Type: Bug
> Affects Versions: 0.9.3
> Reporter: Kevin Risden
>
> When trying to access Nimbus that is kerberized, a HTTP 413 full HEAD error is received. This seems related to the issue outlined in HADOOP-8816.
> Setting the Jetty header buffer size with ring-jetty is outlined on Stackoverflow here: http://stackoverflow.com/questions/9285096/clojure-ring-using-the-ring-jetty-adapter-large-requests-give-me-a-413-full-h
> The setting could be exposed like the host as done in STORM-575.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)