Siddharth Wagle created AMBARI-17744:
----------------------------------------
Summary: Enabling Kerberos on non-HDFS cluster with AMS fails
Key: AMBARI-17744
URL: https://issues.apache.org/jira/browse/AMBARI-17744
Project: Ambari
Issue Type: Bug
Components: ambari-metrics
Reporter: Siddharth Wagle
Assignee: Siddharth Wagle
Priority: Critical
Fix For: 2.4.0
Trying to enable Kerberos on an HDP 2.5 cluster with Kafka, Storm, Zookeeper,
AMS, LogSearch services. Enabling Kerberos failed on one of the hosts at
Distribute Keys step.
{code}
Traceback (most recent call last):
File
"/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py",
line 79, in <module>
KerberosClient().execute()
File
"/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py",
line 280, in execute
method(env)
File
"/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py",
line 69, in set_keytab
self.write_keytab_file()
File
"/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_common.py",
line 407, in write_keytab_file
group=group)
File "/usr/lib/python2.6/site-packages/resource_management/core/base.py",
line 155, in __init__
self.env.run()
File
"/usr/lib/python2.6/site-packages/resource_management/core/environment.py",
line 160, in run
self.run_action(resource, action)
File
"/usr/lib/python2.6/site-packages/resource_management/core/environment.py",
line 124, in run_action
provider_action()
File
"/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py",
line 141, in action_create
self.resource.group, mode=self.resource.mode,
cd_access=self.resource.cd_access)
File
"/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py",
line 53, in _ensure_metadata
raise Fail("User '{0}' doesn't exist".format(user))
resource_management.core.exceptions.Fail: User '${hadoop-env/hdfs_user}'
doesn't exist
{code}
This seems to be because we are distributing hdfs.headless,keytab for Metrics
Collector.
{code}
{
"service": "AMBARI_METRICS",
"keytab_content_base64":
"BQIAAABKAAIAC0VYQU1QTEUuQ09NAAwke2hhZG9vcC1lbnYADmhkZnNfdXNlcn0tY2wxAAAAAVeHGtIBABEAEKnvBKMySiX9MYrs9U5DUQsAAABSAAIAC0VYQU1QTEUuQ09NAAwke2hhZG9vcC1lbnYADmhkZnNfdXNlcn0tY2wxAAAAAVeHGtIBABAAGLB6drlFdur4I+/7Fbnqc4MmueYqB4/mtQAAAEIAAgALRVhBTVBMRS5DT00ADCR7aGFkb29wLWVudgAOaGRmc191c2VyfS1jbDEAAAABV4ca0gEAAwAIPePl/pL+rY8AAABaAAIAC0VYQU1QTEUuQ09NAAwke2hhZG9vcC1lbnYADmhkZnNfdXNlcn0tY2wxAAAAAVeHGtIBABIAINULxZhJglrzXbP2E6B5WgxUbLEOwvH3SaDLRxeq5EaUAAAASgACAAtFWEFNUExFLkNPTQAMJHtoYWRvb3AtZW52AA5oZGZzX3VzZXJ9LWNsMQAAAAFXhxrSAQAXABDftzOsUQCYcK2X4eQ+Bpyk",
"keytab_file_owner_access": "r",
"hostname": "jay-hdp-3.openstacklocal",
"component": "METRICS_COLLECTOR",
"keytab_file_group_name": "hadoop",
"keytab_file_path": "/etc/security/keytabs/hdfs.headless.keytab",
"keytab_file_group_access": "r",
"keytab_file_owner_name": "${hadoop-env/hdfs_user}",
"principal": "${hadoop-env/hdfs_user}[email protected]"
},
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
