-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/51739/
-----------------------------------------------------------

Review request for Ambari and Vitalyi Brodetskyi.


Bugs: AMBARI-18343
    https://issues.apache.org/jira/browse/AMBARI-18343


Repository: ambari


Description
-------

Ambari server host: 172.22.87.56

ambari-server --hash  
6aa22480916d8497d6db077f1d8e744a9c8f73f8  
Build # ambari-server-2.4.1.0-10

**Steps**

  1. Deploy HDP-242 cluster with Ambari 2.2.2.0 (secure, non-HA cluster, Ambari 
server https enabled)
  2. Enable Wire Encryption on the cluster
  3. Upgrade Ambari to 2.4.1.0 and later start ambari-server

**Result**  
Start failed with below error in logs:

    
    
    
    07 Sep 2016 14:26:55,594  INFO [main] ActionDefinitionManager:130 - Added 
custom action definition for ru_execute_tasks
    07 Sep 2016 14:26:55,619  INFO [main] CertificateManager:69 - 
Initialization of root certificate
    07 Sep 2016 14:26:55,619  INFO [main] CertificateManager:71 - Certificate 
exists:true
    07 Sep 2016 14:26:55,619  INFO [main] KerberosChecker:57 - Checking Ambari 
Server Kerberos credentials.
    07 Sep 2016 14:26:55,625 ERROR [main] AmbariServer:927 - Failed to run the 
Ambari Server
    java.lang.SecurityException: /etc/ambari-server/conf/krb5JAASLogin.conf (No 
such file or directory)
            at 
com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:110)
            at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native 
Method)
            at 
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
            at 
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
            at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
            at java.lang.Class.newInstance(Class.java:374)
            at 
javax.security.auth.login.Configuration$2.run(Configuration.java:258)
            at 
javax.security.auth.login.Configuration$2.run(Configuration.java:250)
            at java.security.AccessController.doPrivileged(Native Method)
            at 
javax.security.auth.login.Configuration.getConfiguration(Configuration.java:249)
            at 
org.apache.ambari.server.controller.utilities.KerberosChecker.checkJaasConfiguration(KerberosChecker.java:61)
            at 
org.apache.ambari.server.controller.AmbariServer.main(AmbariServer.java:922)
    Caused by: java.io.IOException: /etc/ambari-server/conf/krb5JAASLogin.conf 
(No such file or directory)
            at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:212)
            at 
com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:108)
            ... 11 more
    07 Sep 2016 14:26:55,900  INFO [Stack Version Loading Thread] 
LatestRepoCallable:219 - Stack HDP-2.3 cannot resolve OS debian6 to the 
supported ones: redhat6,redhat7,suse11,ubuntu14,debian7,ubuntu12. Family: null
    07 Sep 2016 14:26:56,120  INFO [Stack Version Loading Thread] 
LatestRepoCallable:80 - Loading latest URL info for stack HDP-2.4 from 
http://public-repo-1.hortonworks.com/HDP/hdp_urlinfo.json
    

Checked in the directory and found the following

    
    
    
    nats11-36-juzs-dgm10toeriedwngdha-s11-5:/etc/ambari-server/conf # pwd
    /etc/ambari-server/conf
    nats11-36-juzs-dgm10toeriedwngdha-s11-5:/etc/ambari-server/conf # ls -lhrt
    total 32K
    -rw-r----- 1 root root   13 Sep  7 10:20 password.dat
    -rw-r--r-- 1 root root  300 Sep  7 11:25 krb5JAASLogin.conf.rpmsave
    -rw-r--r-- 1 root root 5.0K Sep  7 12:13 
ambari.properties.rpmsave.20160907141713
    -rw-r--r-- 1 root root 4.9K Sep  7 14:17 log4j.properties
    -rw-r--r-- 1 root root 7.5K Sep  7 17:53 ambari.properties
    

Did not hit this issue in Ambari 2.4.0 timeframe, so possibly a regression


Diffs
-----

  ambari-server/src/main/package/rpm/preinstall.sh 28878bb 

Diff: https://reviews.apache.org/r/51739/diff/


Testing
-------

mvn clean test


Thanks,

Andrew Onischuk

Reply via email to