Support Questions

Find answers, ask questions, and share your expertise

Ambari is not creating keytab files though it says it has created

avatar
Contributor

Hi All,

I'm facing an issue while installing a new component to already kerberized cluster.

The installation happens successfully without any issues but services do not start due to unavailability of keytab file on that host where new component is installed.

After the installation I validated that new keytab files are not created in the designated location but ambari says it has created the keytabs and distributed to that host.

Ambari : 2.5.1

HDP : 2.6.1

1 ACCEPTED SOLUTION

avatar
Contributor

Apologies @nkumar for the delay in response.

The issue is related to Ambari which behaves differently after disabling and re-enabling the kerberos.

Issue got fixed after making changes to ambari with the help of Hortonworks Support using below REST calls.

curl -u test:test -H "X-Requested-By: ambari" -X POST http://ambari-server:8080/api/v1/clusters/MyClusterName/services/KERBEROS

curl -u test:test -H "X-Requested-By: ambari" -X POST http://ambari-server:8080/api/v1/clusters/MyClusterName/services/KERBEROS/components/KERBEROS_CLIENT

curl -s -u test:test http://ambari-server:8080/api/v1/hosts|grep host_name| sed -n 's/.*"host_name" : "\([^\"]*\)".*/\1/p'>hostcluster.txt

for i in `cat hostcluster.txt`; do curl -u test:test -H "X-Requested-By: ambari" -X POST http://ambari-server:8080/api/v1/clusters/MyClusterName/hosts/$i/host_components/KERBEROS_CLIENT; done

curl -u test:test -H 'X-Requested-By: ambari' -X PUT -d '{"HostRoles": {"state":"INSTALLED"}}' http://ambari-server:8080/api/v1/clusters/MyClusterName/host_components?HostRoles/state=INIT

curl -H "X-Requested-By:ambari" -u test:test -i -X PUT -d @./payload.json http://ambari-server:8080/api/v1/clusters/MyClusterName

View solution in original post

10 REPLIES 10

avatar

Hi @dgiri_india1989 

 

Could you please share more details for this issue about how you are able to fix this. 

We are also facing similar issue with Ranger KMS service.

RangerKMS Principal is created in AD KDC, Also Keytab creation is success according to Ambari Server log, but it's not distributed to RangerKMS service hosted node. Due to this service is not starting up. 

 

Thank you.