Dan Bahir created STORM-1521:
--------------------------------
Summary: When using keytab Kerberos ticket is not renewed with
multiple bolts/executors
Key: STORM-1521
URL: https://issues.apache.org/jira/browse/STORM-1521
Project: Apache Storm
Issue Type: Bug
Components: storm-hbase
Affects Versions: 0.10.0, 0.9.5
Reporter: Dan Bahir
Assignee: Dan Bahir
When logging in with a keytab, if the topology has more than one instance of an
HBase bolt then the ticket will not be automatically renewed.
Expected: The ticket will be automatically renewed and the bolt will be able to
write to the database.
Actual: The ticket is not renewed and the bolt loses access to HBase.
Note when there is only one bolt with one executor is renews correctly.
Exception in bolt is:
2015-12-18T09:41:13.862-0500 o.a.h.s.UserGroupInformation [ERROR]
PriviledgedActionException as:[email protected]
cause:javax.security.sasl.SaslException: GSS initiate failed [Caused by
GSSException: No valid credentials provided (Mechanism level: Failed to find any
Kerberos tgt)]
2015-12-18T09:41:13.862-0500 o.a.h.i.RpcClient [WARN] Exception encountered
while connecting to the server : javax.security.sasl.SaslException: GSS initiate
failed [Caused by GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos tgt)]
2015-12-18T09:41:13.863-0500 o.a.h.i.RpcClient [ERROR] SASL authentication
failed. The most likely cause is missing or invalid credentials. Consider
'kinit'.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
