01-04-2017 07:30 AM
01-04-2017 07:49 AM
Thanks for your quick response. I did the quick test after putting the client side setting, but it still doesn't work. I still saw MR job failed due to No Route to Host from slave 1 to slave 2 on port not defined within the set range.
01-04-2017 07:57 AM - edited 01-04-2017 08:08 AM
Have you already ensured your launched app's specific configuration page on the JobHistory reflects the changed configs? Did you ensure to also deploy the client config change via a cluster-wide redeploy? https://www.youtube.com/watch?v=4S9H3wftM_0
I'm able to limit the ports just fine. The test case even passes.
Given you appear to have pre-limited iptables rules causing a NoRouteToHost for the IPCs between client and MR2 AM, have you already ensured that among the open port range you are able to make a proper connection by running something outside of CDH such as a simple Python HTTP service (python -m SimpleHttpServer -p some_target_open_range_port) on all NodeManagers and connecting to them from the edge host?
01-04-2017 08:20 AM - edited 01-04-2017 09:13 AM
Redeployed the client configuration from CM. Checked both yarn and hive configuration, both mapred-site.xml files have the correct configuration reflected.
01-04-2017 08:39 AM - edited 01-04-2017 09:47 AM
I am not using iptables, using firewalld instead on Centos 7.x. The error I saw is caused by Hive doing select count(*) on a table, and the log indicates that the communication is between two slave nodes, not between edge node and AM.
Please check your test setting. If your range is large enough, some jobs might succeed. With my current setting of 6000 port range, some jobs failed, and some succeeded by retrying and hitting the port within the range.
03-15-2017 11:58 AM
I am in the same boat - we have a restrictive firewall in place and I am trying to open a range of ports 49900 - 50000 with the following in the mapred-site.xml.
I am not able to restrict the ports at all - I see the following when I run my job -
Got exception: java.net.NoRouteToHostException: No Route to Host from rm.domain.com/X.X.X.XXXX to workernodeX.domain.com:38470 - AFAIK - No route to host means the destination firewall is kicking me out.
I am on cloudera CDH 5.10.0 - does it include the below fix forhttps://issues.apache.org/jira/browse/MAPREDUCE-6338? If not which version would - I need to run this thing with extensive firewall in place and hence the question.
Thanks in advance for your help!
10-15-2018 01:30 PM
Did anyone succussfully solved this problem. I am installing a new cloudera cluster using 5.15.1 version and we want to restrict the firewall rules in a range for the nodes to communicate. However, when i run jobs it starts using ports that are not open and hence, fails to run the job.