[jira] [Commented] (HDDS-9728) Ozone/Ranger TENANT_AUTHORIZER_ERROR

Fri, 26 Jan 2024 04:15:26 -0800 


    [ 
https://issues.apache.org/jira/browse/HDDS-9728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17811243#comment-17811243
 ] 

netscrol commented on HDDS-9728:
--------------------------------

Hi [~hemantk] , yes, I am listed as an administrator in ozone-site.xml, I do 
kinit and create a tenant 
{code:java}
/opt/ozone/bin/ozone tenant create test2024-2 --om-service-id=cluster1 {code}
And everything works great for about 2-3 days, but then errors appear when 
creating a tenant
{code:java}
/opt/ozone/bin/ozone tenant create test2025 --om-service-id=cluster1
2024-01-26 12:12:50,816 INFO rpc.RpcClient: Creating Tenant: 'test2025', with 
new volume: 'test2025'
TENANT_AUTHORIZER_ERROR java.io.IOException: 
org.apache.ranger.RangerServiceException: Ranger API 
org.apache.ranger.RangerClient$API@71af6a4e failed: statusCode=401, 
status=Unauthorized, response: {code}
If you restart the om.service everything starts working again, but this does 
not always help.

> Ozone/Ranger TENANT_AUTHORIZER_ERROR
> ------------------------------------
>
>                 Key: HDDS-9728
>                 URL: https://issues.apache.org/jira/browse/HDDS-9728
>             Project: Apache Ozone
>          Issue Type: Bug
>            Reporter: netscrol
>            Priority: Major
>
> When using ozone with a ranger, an error occurs 
> spontaneously(TENANT_AUTHORIZER_ERROR). All ranger functions work except for 
> operations with tenants. The error appears when trying to create a tenant or 
> add a user to a tenant.
>  
> {code:java}
> /opt/ozone/bin/ozone tenant create room-tenant --om-service-id=cluster1
> 2023-11-07 16:28:23,247 WARN util.NativeCodeLoader: Unable to load 
> native-hadoop library for your platform... using builtin-java classes where 
> applicable
> 2023-11-07 16:28:24,223 INFO rpc.RpcClient: Creating Tenant: 'room-tenant', 
> with new volume: 'room-tenant'
> TENANT_AUTHORIZER_ERROR java.io.IOException: 
> org.apache.ranger.RangerServiceException: Ranger API 
> org.apache.ranger.RangerClient$API@4a92034f failed: statusCode=401, 
> status=Unauthorized, response: {code}
> Ranger access log
>  
> {code:java}
> 10.10.1.225 - - [17/Nov/2023:18:23:01 +0000] "POST 
> /service/public/v2/api/roles?serviceName=test-ozone HTTP/1.1" 401 - 3 "-" 
> "Java/1.8.0_372" {code}
>  
>  
>  
>  
>  
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to