[
https://issues.apache.org/jira/browse/AMBARI-9098?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14367977#comment-14367977
]
Jayush Luniya commented on AMBARI-9098:
---------------------------------------
[~harisekhon]
Apologies I was just going through all the JIRAs for 2.0.0 to prepare for the
release and this wasn't marked as a blocker for 2.0.
The Kerberization of cluster is very different in 2.0.0 as compared to 1.7.0.
Are you seeing this issue in 2.0.0? Adding [~rlevas] [~bergenholtz] to validate
as well.
cc: [~dschorow] [~u39kun] [~mahadev] [~shivanigupta]
> Cannot install new secure services to existing secure HDFS cluster
> ------------------------------------------------------------------
>
> Key: AMBARI-9098
> URL: https://issues.apache.org/jira/browse/AMBARI-9098
> Project: Ambari
> Issue Type: Bug
> Components: ambari-agent, ambari-web
> Affects Versions: 1.7.0
> Reporter: Jimmy Da
> Assignee: Rishi Pidva
> Priority: Blocker
> Fix For: 2.0.0
>
> Attachments: AMBARI-9098-v1.patch
>
>
> hadoop.security.auth_to_local in core-site is overwritten to null when
> installing new service to a secure cluster
> 1. Setup secure HDFS cluster with services (HDFS, MR2, YARN, ZooKeeper) and
> Kerberos
> 2. Configure secure user for Oozie (or any other secure service) - create
> user+setup keytab
> 3. Install Oozie via Ambari UI --> FAIL
> FATAL namenode.NameNode (NameNode.java:main(1400)) - Exception in
> namenode join
> java.lang.IllegalArgumentException: Invalid rule: null
> 4. Check hadoop.security.auth_to_local property in HDFS configurations under
> Advanced core-site, see null instead of "RULE:..."
> ---------------------------------------------
> The core-site overwrite is happening in
> ambari-server/src/main/resources/stacks/HDP/2.0.6/hooks/after-INSTALL/scripts/shared_initialization.py,
> when I commented out the lines, it works again, but I'm sure there's a
> reason the check and rewrite is there
> Thanks!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
