Support Questions

james_bashforth · ‎08-16-2018

I'm working on a kerberized cluster that was provisioned through cloudbreak. When running a spark sql query through Zeppelin I am hitting an error stating Yarn is unable to find the user. ldap sync is enabled in ambari and ranger and the users and groups have been populated. Is there something else that needs to be enabled in cloudbreak to make this work. I did notice that cloudbreak doesnt domain join the nodes so an os ldap lookup isnt possible.

cravani · ‎08-16-2018

It looks Yarn job is running as end-user (Kerberos ticket user). You need to have the user on all the Nodemanager hosts with the same UserID. If you are using AD/LDAP user for Kerberos ticket, you may want to sync users to all the Nodemanagers via SSSD.

james_bashforth · ‎08-17-2018

Hi Chiran, thanks for your response. I figured this may be the issue. What would be the best way for me to accomplish this with cloudbreak. As far as I can tell SSSD isnt working as no domain joining has happened.

james_bashforth · ‎08-20-2018

I have manually connected the hosts to the domain and apart from a strange Atlas issue (not recognizing that a user is part of an ad group) all is working well. My issue now is how can I accomplish this with cloudbreak so that I can maintain scale up and down capability?

mmolnar · ‎08-22-2018

Hi @James,

You might use a recipe for this:

https://docs.hortonworks.com/HDPDocuments/Cloudbreak/Cloudbreak-2.7.1/content/recipes/index.html

The only drawback that you can assign recipes only in cluster creation time, so you can't attach a new recipe to an existing cluster.

Support Questions

Cloudbreak kerberos - yarn unable to find user