You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Alejandro Fernandez (JIRA)" <ji...@apache.org> on 2016/01/19 19:40:39 UTC
[jira] [Created] (AMBARI-14726) Knox Gateway start fails on HDP
2.3.4 due to wrong symlink
Alejandro Fernandez created AMBARI-14726:
--------------------------------------------
Summary: Knox Gateway start fails on HDP 2.3.4 due to wrong symlink
Key: AMBARI-14726
URL: https://issues.apache.org/jira/browse/AMBARI-14726
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.2.1
Reporter: Alejandro Fernandez
Fix For: 2.2.1
Posted on the forum: https://community.hortonworks.com/questions/7750/knox-gateway-start-fail.html
by Jose Guillen
Install HDP 2.3.latest with Knox on a single host.
Immediately after install, restart Knox.
It fails with this error on both JDK 1.7 and 1.8
{code}
2016-01-15 15:37:00,440 - Execute['/usr/hdp/current/knox-server/bin/knoxcli.sh create-master --master [PROTECTED]'] {'environment': {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_67'}, 'not_if': "ambari-sudo.sh su knox -l -s /bin/bash -c 'test -f /var/lib/knox/data/security/master'", 'user': 'knox'}
{code}
Originates to /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/knox.py
{code}
cmd = format('{knox_client_bin} create-master --master {knox_master_secret!p}')
master_secret_exist = as_user(format('test -f {knox_master_secret_path}'), params.knox_user)
Execute(cmd,user=params.knox_user,environment={'JAVA_HOME': params.java_home},not_if=master_secret_exist,)
{knox_master_secret_path}
{code}
resolves to /var/lib/knox/data/security/master (as defined in /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py). The problem is that the Knox master file does not exist on this location. The directory /var/lib/knox/data does exist, but the content is empty.
Instead, the master key is located here: /usr/hdp/current/knox-server/data/security/master
In the file /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py, I also see something with removing/setting symbolic links:
{code}
# Used to setup symlink, needed to update the knox managed symlink, in case of custom locations
if os.path.islink(params.knox_managed_pid_symlink) and os.path.realpath(params.knox_managed_pid_symlink) != params.knox_pid_dir:
os.unlink(params.knox_managed_pid_symlink)
os.symlink(params.knox_pid_dir, params.knox_managed_pid_symlink)
{code}
Perhaps something goes wrong with the symbolic links? (when you install HDP2.3 successfully, but try to restart all services immediately after the installation?)
----
In any case, the following modification resolved the issue for me.. I'm not sure if it covers everything (e.g. what will happen if you change the Knox master key via the Ambari web interface??), but I don't have any more time to be stuck on this issue
Open /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py
Change:
{code}
knox_master_secret_path = '/var/lib/knox/data/security/master'
knox_cert_store_path = '/var/lib/knox/data/security/keystores/gateway.jks'
{code}
to:
{code}
knox_master_secret_path = '/usr/hdp/current/knox-server/data/security/master'
knox_cert_store_path = '/usr/hdp/current/knox-server/data/security/keystores/gateway.jks'
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)