You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Sumit Mohanty (JIRA)" <ji...@apache.org> on 2016/07/15 20:41:20 UTC
[jira] [Commented] (AMBARI-17744) Enabling Kerberos on non-HDFS
cluster with AMS fails
[ https://issues.apache.org/jira/browse/AMBARI-17744?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15380078#comment-15380078 ]
Sumit Mohanty commented on AMBARI-17744:
----------------------------------------
LGTM, +1
> Enabling Kerberos on non-HDFS cluster with AMS fails
> ----------------------------------------------------
>
> Key: AMBARI-17744
> URL: https://issues.apache.org/jira/browse/AMBARI-17744
> Project: Ambari
> Issue Type: Bug
> Components: ambari-metrics
> Reporter: Siddharth Wagle
> Assignee: Siddharth Wagle
> Priority: Critical
> Fix For: 2.4.0
>
> Attachments: AMBARI-17744.patch
>
>
> Trying to enable Kerberos on an HDP 2.5 cluster with Kafka, Storm, Zookeeper, AMS, LogSearch services. Enabling Kerberos failed on one of the hosts at Distribute Keys step.
> {code}
> Traceback (most recent call last):
> File "/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py", line 79, in <module>
> KerberosClient().execute()
> File "/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py", line 280, in execute
> method(env)
> File "/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py", line 69, in set_keytab
> self.write_keytab_file()
> File "/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_common.py", line 407, in write_keytab_file
> group=group)
> File "/usr/lib/python2.6/site-packages/resource_management/core/base.py", line 155, in __init__
> self.env.run()
> File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 160, in run
> self.run_action(resource, action)
> File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 124, in run_action
> provider_action()
> File "/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py", line 141, in action_create
> self.resource.group, mode=self.resource.mode, cd_access=self.resource.cd_access)
> File "/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py", line 53, in _ensure_metadata
> raise Fail("User '{0}' doesn't exist".format(user))
> resource_management.core.exceptions.Fail: User '${hadoop-env/hdfs_user}' doesn't exist
> {code}
>
> This seems to be because we are distributing hdfs.headless,keytab for Metrics Collector.
> {code}
> {
> "service": "AMBARI_METRICS",
> "keytab_content_base64": "BQIAAABKAAIAC0VYQU1QTEUuQ09NAAwke2hhZG9vcC1lbnYADmhkZnNfdXNlcn0tY2wxAAAAAVeHGtIBABEAEKnvBKMySiX9MYrs9U5DUQsAAABSAAIAC0VYQU1QTEUuQ09NAAwke2hhZG9vcC1lbnYADmhkZnNfdXNlcn0tY2wxAAAAAVeHGtIBABAAGLB6drlFdur4I+/7Fbnqc4MmueYqB4/mtQAAAEIAAgALRVhBTVBMRS5DT00ADCR7aGFkb29wLWVudgAOaGRmc191c2VyfS1jbDEAAAABV4ca0gEAAwAIPePl/pL+rY8AAABaAAIAC0VYQU1QTEUuQ09NAAwke2hhZG9vcC1lbnYADmhkZnNfdXNlcn0tY2wxAAAAAVeHGtIBABIAINULxZhJglrzXbP2E6B5WgxUbLEOwvH3SaDLRxeq5EaUAAAASgACAAtFWEFNUExFLkNPTQAMJHtoYWRvb3AtZW52AA5oZGZzX3VzZXJ9LWNsMQAAAAFXhxrSAQAXABDftzOsUQCYcK2X4eQ+Bpyk",
> "keytab_file_owner_access": "r",
> "hostname": "jay-hdp-3.openstacklocal",
> "component": "METRICS_COLLECTOR",
> "keytab_file_group_name": "hadoop",
> "keytab_file_path": "/etc/security/keytabs/hdfs.headless.keytab",
> "keytab_file_group_access": "r",
> "keytab_file_owner_name": "${hadoop-env/hdfs_user}",
> "principal": "${hadoop-env/hdfs_user}-cl1@EXAMPLE.COM"
> },
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)