[jira] [Commented] (METRON-821) Minor fixes in full dev kerberos setup instructions

Fri, 14 Apr 2017 13:27:07 -0700 

    [ 
https://issues.apache.org/jira/browse/METRON-821?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15969484#comment-15969484
 ] 

ASF GitHub Bot commented on METRON-821:
---------------------------------------

Github user JonZeolla commented on the issue:

    https://github.com/apache/incubator-metron/pull/510
  
    I think the docs are cleaned up in the way that I intended to do with this 
PR, but I'm running into an issue proving that they're successful.  Perhaps 
someone can provide some feedback?  
    
    ```
    [metron@node1 ~]$ curl -XGET "${ZOOKEEPER}:9200/bro*/_count"
    {"count":1740,"_shards":{"total":1,"successful":1,"failed":0}}[metron@node1 
~]$
    [metron@node1 ~]$ kinit -kt /etc/security/keytabs/metron.headless.keytab 
[email protected]
    [metron@node1 ~]$ head -1 sample-bro.txt
    
{"http":{"ts":1402307733.473,"uid":"CTo78A11g7CYbbOHvj","id.orig_h":"192.249.113.37","id.orig_p":58808,"id.resp_h":"72.163.4.161","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.cisco.com","uri":"/","user_agent":"curl/7.22.0
 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 
librtmp/2.3","request_body_len":0,"response_body_len":25523,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FJDyMC15lxUn5ngPfd"],"resp_mime_types":["text/html"]}}
    [metron@node1 ~]$ cat sample-bro.txt | 
${HDP_HOME}/kafka-broker/bin/kafka-console-producer.sh --broker-list 
${BROKERLIST}:6667 --security-protocol SASL_PLAINTEXT --topic bro
    [2017-04-14 20:13:07,290] WARN The TGT cannot be renewed beyond the next 
expiry date: Sat Apr 15 20:12:58 UTC 2017.This process will not be able to 
authenticate new SASL connections after that time (for example, it will not be 
able to authenticate a new connection with a Kafka Broker).  Ask your system 
administrator to either increase the 'renew until' time by doing : 'modprinc 
-maxrenewlife null ' within kadmin, or instead, to generate a keytab for null. 
Because the TGT's expiry cannot be further extended by refreshing, exiting 
refresh thread now. (org.apache.kafka.common.security.kerberos.KerberosLogin)
    [metron@node1 ~]$ curl -XGET "${ZOOKEEPER}:9200/bro*/_count"
    {"count":1740,"_shards":{"total":1,"successful":1,"failed":0}}[metron@node1 
~]$
    [metron@node1 ~]$ date
    Fri Apr 14 20:13:16 UTC 2017
    [metron@node1 ~]$ date;curl -XGET "${ZOOKEEPER}:9200/bro*/_count"
    Fri Apr 14 20:13:49 UTC 2017
    {"count":1740,"_shards":{"total":1,"successful":1,"failed":0}}[metron@node1 
~]$
    ```
    In my storm worker.logs I'm seeing things like:
    ```
    org.apache.kafka.common.KafkaException: Failed to construct kafka consumer
            at 
org.apache.kafka.clients.consumer.KafkaConsumer.<init>(KafkaConsumer.java:702) 
~[stormjar.jar:?]
            at 
org.apache.kafka.clients.consumer.KafkaConsumer.<init>(KafkaConsumer.java:557) 
~[stormjar.jar:?]
            at 
org.apache.storm.kafka.spout.KafkaSpout.subscribeKafkaConsumer(KafkaSpout.java:350)
 ~[stormjar.jar:?]
            at 
org.apache.storm.kafka.spout.KafkaSpout.activate(KafkaSpout.java:346) 
~[stormjar.jar:?]
            at 
org.apache.storm.daemon.executor$fn__6505$fn__6520$fn__6551.invoke(executor.clj:646)
 ~[storm-core-1.0.1.2.5.3.0-37.jar:1.0.1.2.5.3.0-37]
            at org.apache.storm.util$async_loop$fn__554.invoke(util.clj:484) 
[storm-core-1.0.1.2.5.3.0-37.jar:1.0.1.2.5.3.0-37]
            at clojure.lang.AFn.run(AFn.java:22) [clojure-1.7.0.jar:?]
            at java.lang.Thread.run(Thread.java:745) [?:1.8.0_77]
    Caused by: java.lang.IllegalArgumentException: No enum constant 
org.apache.kafka.common.protocol.SecurityProtocol.PLAINTEXTSASL
            at java.lang.Enum.valueOf(Enum.java:238) ~[?:1.8.0_77]
            at 
org.apache.kafka.common.protocol.SecurityProtocol.valueOf(SecurityProtocol.java:28)
 ~[stormjar.jar:?]
            at 
org.apache.kafka.common.protocol.SecurityProtocol.forName(SecurityProtocol.java:89)
 ~[stormjar.jar:?]
            at 
org.apache.kafka.clients.ClientUtils.createChannelBuilder(ClientUtils.java:79) 
~[stormjar.jar:?]
            at 
org.apache.kafka.clients.consumer.KafkaConsumer.<init>(KafkaConsumer.java:623) 
~[stormjar.jar:?]
            ... 7 more
    ```
    More details 
[here](https://gist.github.com/JonZeolla/1f74e002f96081fe7ab66664f813caa7).


> Minor fixes in full dev kerberos setup instructions
> ---------------------------------------------------
>
>                 Key: METRON-821
>                 URL: https://issues.apache.org/jira/browse/METRON-821
>             Project: Metron
>          Issue Type: Bug
>            Reporter: Jon Zeolla
>            Assignee: Jon Zeolla
>
> There is at least one error in metron-deployment/vagrant/Kerberos-setup.md 
> and some other very minor changes for clarity/accuracy.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to