[
https://issues.apache.org/jira/browse/KUDU-3236?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
sun closed KUDU-3236.
---------------------
thx
> Server krbtgt/[email protected] not found in
> Kerberos database
> ---------------------------------------------------------------------------------------------
>
> Key: KUDU-3236
> URL: https://issues.apache.org/jira/browse/KUDU-3236
> Project: Kudu
> Issue Type: Task
> Components: authz
> Affects Versions: 1.10.0
> Environment: Centos7.7 kudu-1.10.0-cdh6.3.0
> Reporter: sun
> Priority: Major
> Fix For: n/a
>
>
> hi everybody,
> When I started Kerberos for kudu according to the official documents, I found
> that the result was not satisfactory:(:(. The kudu is containerized and
> installed on the big data platform. After I configured Kerberos according to
> the official documents, I found that tserver could not be registered in the
> master。What I expect is krbtgt/[email protected] ,but
> got krbtgt/[email protected].:( . could anybody
> give me some tips? thanks in advance.
> The kudu master.gflagfile:
> --log_dir=/opt/java/kudu/master/logs
> --fs_wal_dir=/opt/java/kudu/master/wal
> --fs_data_dirs=/opt/java/kudu/master/data/1,/opt/java/kudu/master/data/2,/opt/java/kudu/master/data/3
> --raft_get_node_instance_timeout_ms=300000
> --webserver_port=8051
> --master_addresses=
> service-kudu-xueliang-master-0:7051,service-kudu-xueliang-master-1:7051,service-kudu-xueliang-master-2:7051
> --block_cache_capacity_mb=512
> --memory_limit_hard_bytes=0
> --rpc_service_queue_length=50
> --max_clock_sync_error_usec=10000000
> --maintenance_manager_num_threads=1
> --webserver_doc_root=/opt/java/kudu/www
> --rpc_encryption=required
> --rpc_authentication=required
> --trusted_subnets=0.0.0.0/0
> --keytab_file=/opt/java/kudu/conf/kuduxueliang.keytab
> The kudu tserver.gflagfile:
> --log_dir=/opt/java/kudu/tserver/logs
> --fs_wal_dir=/opt/java/kudu/tserver/wal
> --fs_data_dirs=/opt/java/kudu/tserver/data/1
> --webserver_port=8050
> --tserver_master_addrs=
> service-kudu-xueliang-master-0:7051,service-kudu-xueliang-master-1:7051,service-kudu-xueliang-master-2:7051
> --block_cache_capacity_mb=512
> --memory_limit_hard_bytes=26843545600
> --rpc_service_queue_length=50
> --max_clock_sync_error_usec=10000000
> --maintenance_manager_num_threads=1
> --webserver_doc_root=/opt/java/kudu/www
> --rpc_encryption=required
> --rpc_authentication=required
> --trusted_subnets=0.0.0.0/0
> --keytab_file=/opt/java/kudu-1.10.0-cdh6.3.0/conf/kuduxueliang.keytab
> the krb5.conf:
> [logging]
> default = FILE:/var/log/krb5libs.log
> kdc = FILE:/var/log/krb5kdc.log
> admin_server = FILE:/var/log/kadmind.log
> [libdefaults]
> default_realm = BIGDATA.XUELIANG.COM
> dns_lookup_realm = true
> dns_lookup_kdc = true
> rdns = true
> ticket_lifetime = 24h
> forwardable = true
> udp_preference_limit = 0
> [realms]
> BIGDATA.XUELIANG.COM = {
> kdc = hdh136.bigdata.xueliang.com:88
> master_kdc = hdh136.bigdata.xueliang.com:88
> admin_server = hdh136.bigdata.xueliang.com:749
> default_domain = bigdata.xueliang.com
> pkinit_anchors = FILE:/var/lib/ipa-client/pki/kdc-ca-bundle.pem
> pkinit_pool = FILE:/var/lib/ipa-client/pki/ca-bundle.pem
> }
> [domain_realm]
> .bigdata.xueliang.com = BIGDATA.XUELIANG.COM
> bigdata.xueliang.com = BIGDATA.XUELIANG.COM
> hdh136.bigdata.xueliang.com = BIGDATA.XUELIANG.COM
> [dbmodules]
> BIGDATA.XUELIANG.COM = {
> db_library = ipadb.so
> }
> the kudu tserver log:
> heartbeater.cc:566] Failed to heartbeat to
> service-kudu-xueliang-master-1:7051 (7471 consecutive failures): Not
> authorized: Failed to ping master at service-kudu-xueliang-master-1:7051:
> Client connection negotiation failed: client connection to 10.103.68.4:7051:
> Server krbtgt/[email protected] not found in
> Kerberos database .
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
