Support Questions

milan_sladky · ‎05-31-2016

Hello,

Due to many reasons I am not able to use ports 8440 and 8441 for Ambari handshakes and heartbeats. Where can I set these ports to something suitable for my environment?

Thx a lot.

jyadav · ‎05-31-2016

@Milan Sladky

Try through this command.

ambari-server setup-security

View solution in original post

jyadav · ‎05-31-2016

@Milan Sladky

Try through this command.

ambari-server setup-security

milan_sladky · ‎05-31-2016

No, it's not possible to set it up there... 😞

jyadav · ‎05-31-2016

@Milan Sladky

What error you are getting? alternatively you can try setting below parameter manually in ambari-server.properties file and see if that solve your problem. Make sure amabri agent conf should knows about these ports.

security.server.two_way_ssl.port=8787
security.server.one_way_ssl.port=8788

milan_sladky · ‎05-31-2016

Thanks for pointing me out @Jitendra Yadav, I was able to get it working via config files. However which one of these options in ambari-server setup-security" will achieve the same result?

[root@poc3:/etc] ambari-server setup-security
Using python  /usr/bin/python
Security setup options...
===========================================================================
Choose one of the following options: 
  [1] Enable HTTPS for Ambari server.
  [2] Encrypt passwords stored in ambari.properties file.
  [3] Setup Ambari kerberos JAAS configuration.
  [4] Setup truststore.
  [5] Import certificate to truststore.
===========================================================================
Enter choice, (1-5):

jyadav · ‎05-31-2016

@Milan Sladky

Great 🙂 , please accept the answer to close this thread.

sshimpi · ‎05-31-2016

@Milan Sladky

per documentation it say we can add the property "client.api.port=<port_number>" and can modify the port number to some other value -

https://docs.hortonworks.com/HDPDocuments/Ambari-2.1.1.0/bk_ambari_reference_guide/content/_optional...

But this doesn't works. When i tried adding this property and restart ambari then usually ambari listen on both ports - ie new port and 8441.

When checked in ambari code, i see the value is hard coded. Please check below -

ambari -> Configuration.java

public static final String SRVR_TWO_WAY_SSL_PORT_DEFAULT = "8441";

public static final String SRVR_ONE_WAY_SSL_PORT_DEFAULT = "8440";

I think this is BUG.

sshimpi · ‎05-31-2016

For client you can use "/etc/ambari-agent/conf/ambari-agent.ini"

and modify below params -

url_port=8440

secured_url_port=8441

milan_sladky · ‎05-31-2016

I was able to get it working:

On the Ambari Server set these parameters in /etc/ambari-server/conf/ambari.properties:

security.server.two_way_ssl.port=5222
security.server.one_way_ssl.port=5223

On the Ambari Agent set "url_port" and "secured_url_port" parameters in [server] section in /etc/ambari-agent/conf/ambari-agent.ini:

[server]
url_port=5223
secured_url_port=5222

Then restart both server and agent(s).

mhovermale · ‎05-31-2016

Created Jira issue: https://hortonworks.jira.com/browse/BUG-58987 to correct/clarify the linked instruction

Cloudera Community

Support Questions

Change Ambari heartbeat and handshake ports