I’ve setup ambari to run as non-root user which has sudo access on the host with password. I’ve also setup ssh using the same sudo user. But I’m having trouble confirming hosts it says permission denied( publickey,.....). I’ve tested my ssh from server to all hosts works fine. Also /etc/hosts is updated with all hosts fqdn s.
Is the sudo with password causing the problem? @emaxwell
The non-root functionality relies on sudo to run specific commands that require elevated privileges as defined in the Sudoer Configuration - Ambari Agents. The sudo configuration is split into these sections:
Have you setup the NOPASSWD as following while configuring sudoer.
# Ambari Customizable Users ambari ALL=(ALL) NOPASSWD:SETENV: /bin/su hdfs *,/bin/su ambari-qa *,/bin/su ranger *,/bin/su zookeeper *,/bin/su knox *,/bin/su falcon *,/bin/su ams *, /bin/su flume *,/bin/su hbase *,/bin/su spark *,/bin/su accumulo *,/bin/su hive *,/bin/su hcat *,/bin/su kafka *,/bin/su mapred *,/bin/su oozie *,/bin/su sqoop *,/bin/su storm *,/bin/su tez *,/bin/su atlas *,/bin/su yarn *,/bin/su kms *,/bin/su activity_analyzer *,/bin/su livy *,/bin/su zeppelin *,/bin/su infra-solr *,/bin/su logsearch *
Can you please double check if you have followed the doc for setting up "AmbariServer as Non Root" also if you are running agents also as non root then please check the following links:
The doc states that:
Configuring Ambari Agents to run as non-root requires that you manually install agents on all nodes in the cluster. For these details, see Installing Ambari Agents Manually. After installing each agent, you must configure the agent to run as the desired, non-root user.