[
https://issues.apache.org/jira/browse/HDDS-9728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17809690#comment-17809690
]
Hemant Kumar edited comment on HDDS-9728 at 1/26/24 6:30 AM:
-------------------------------------------------------------
[~netscrol], Did you follow the guideline as in
[S3-Multi-Tenancy|https://github.com/apache/ozone/blob/master/hadoop-hdds/docs/content/feature/S3-Multi-Tenancy.md]
and
[S3-Tenant-Commands|https://github.com/apache/ozone/blob/master/hadoop-hdds/docs/content/feature/S3-Tenant-Commands.md]?
Only Ozone cluster admin can create tenant. Once tenant is created, Ozone
cluster admin can assign a user to a tenant which will generate access Id and
secret key for that user. Which will be used to access the tenant by the user.
Please make sure you are running the creation command as ozone admin.
Also can you please add OM logs and exception trace if possible?
was (Author: JIRAUSER297350):
[~netscrol], did you follow the guideline as in
[https://github.com/apache/ozone/blob/master/hadoop-hdds/docs/content/feature/S3-Tenant-Commands.md]
and had appropriate permissions?
Also can you please add OM logs if possible?
> Ozone/Ranger TENANT_AUTHORIZER_ERROR
> ------------------------------------
>
> Key: HDDS-9728
> URL: https://issues.apache.org/jira/browse/HDDS-9728
> Project: Apache Ozone
> Issue Type: Bug
> Reporter: netscrol
> Priority: Major
>
> When using ozone with a ranger, an error occurs
> spontaneously(TENANT_AUTHORIZER_ERROR). All ranger functions work except for
> operations with tenants. The error appears when trying to create a tenant or
> add a user to a tenant.
>
> {code:java}
> /opt/ozone/bin/ozone tenant create room-tenant --om-service-id=cluster1
> 2023-11-07 16:28:23,247 WARN util.NativeCodeLoader: Unable to load
> native-hadoop library for your platform... using builtin-java classes where
> applicable
> 2023-11-07 16:28:24,223 INFO rpc.RpcClient: Creating Tenant: 'room-tenant',
> with new volume: 'room-tenant'
> TENANT_AUTHORIZER_ERROR java.io.IOException:
> org.apache.ranger.RangerServiceException: Ranger API
> org.apache.ranger.RangerClient$API@4a92034f failed: statusCode=401,
> status=Unauthorized, response: {code}
> Ranger access log
>
> {code:java}
> 10.10.1.225 - - [17/Nov/2023:18:23:01 +0000] "POST
> /service/public/v2/api/roles?serviceName=test-ozone HTTP/1.1" 401 - 3 "-"
> "Java/1.8.0_372" {code}
>
>
>
>
>
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
