Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

CDH 5.10 cluster serives fail after enabling Kerberos

Highlighted

CDH 5.10 cluster serives fail after enabling Kerberos

New Contributor

Hi,

 

We have configured CDH 5.10 cluster using CentOS 7 Servers. Its working with basic authentication. But when we enabled Kerberos on Cloudera manager using Wizard, we are facing following issues in cluster.

 

Please note that KDC is configured on different server other than CM Servers and hosts. Kerberos wizard ran successfully.Kerberos wizardKerberos wizard

 

1. HDFS (canary, connection) fail after enabling kerberos security
2. HistoryServer not able read log after anabling kerberos
3. Job History server is failing to start with stale file handle
4. Hue: The Cloudera Manager Agent is not able to communicate with this role's web server
5. kinit: KDC has no support for encryption type while getting initial credentials

 

Please suggest do we need any additional configuration to get the Kerberos authentication working?

 

2 REPLIES 2
Highlighted

Re: CDH 5.10 cluster serives fail after enabling Kerberos

New Contributor

Any help would be appreciated.

Highlighted

Re: CDH 5.10 cluster serives fail after enabling Kerberos

Contributor

From the error message, it looks like the encryption type configured for Kerberos clients (all your cluster nodes) is not supported by your KDC, which is why none of the services can authenticate.

 

Please compare the kerberos server and client configurations and reconfigure krb5.conf on all your nodes to explicitly use the supported encryption type.

 

 

Don't have an account?
Coming from Hortonworks? Activate your account here