Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Cloudera 5 Service Manager failed to start during Kerberos implementation

Labels:
avatar
author-rank jan.peters
Explorer

Created on ‎10-08-2014 11:55 AM - edited ‎09-16-2022 02:09 AM

Hi All,

Good news was that I was able to get CHD5.1.2 3-node cluster up and running using Cloudera Manager Installer; thanks for the help there. 

 

Now for my next adventure; I've created all the necessary Kerberos pricipals, keytab/krb5.conf files and scp'd them over to the nodes on the cluster... and then started the Kerberos set-up using Cloudera Manager.  Everything seemed to go very well... until after all configuration changes were made and the cluster was restated.  That's when disaster struck.  :-0

 

it seemed to choke on the restart of Cloudera Management Services starting with Activity manager onwards as seen below. 

10.08.14.cdh5.krbrs.pg2.jpg

 

So to provide more, here's a screenshot of the failed commands;

 

10.08.14.cdh5.krbrs.pg1.jpg

 

So now what I have is a cluster that will not start and there doesn't appear to be a clear way of rolling back the kerberos set up. 

 

I have 2 sets of questions;

  • First, what keytab file does CM think is missing? If I create and add this keytab, how do I restart the process?
  • Second, how do I recover from here? Do I have to restore a back-up and start all over again or is there a way for Cloudera Manager to roll back the Kerberos configurations?

Thank you in advance for your collective wisdom on this.

mit Freundlichen Grüßen (with Friendly Greetings),
     Jan
Jan Peters

1,626 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank jan.peters
Explorer

Created on ‎10-08-2014 03:46 PM - last edited on ‎05-16-2015 06:45 AM by Community Manager Community Manager

Okay,

I'm today's cheap entertainment...  problem solved! 😄

 

Someone disabled the krb5kdc service on our KDC server (AAARRRGGGHHH)  😮

 

so a simple service krb5kdc start there allowed the rest of the Kerberos set up to complete and we're back up using Kerberos. 

mit Freundlichen Grüßen (with Friendly Greetings),
     Jan
Jan Peters

View solution in original post

1,618 Views
0 Kudos
1 REPLY 1

avatar
author-rank jan.peters
Explorer

Created on ‎10-08-2014 03:46 PM - last edited on ‎05-16-2015 06:45 AM by Community Manager Community Manager

Okay,

I'm today's cheap entertainment...  problem solved! 😄

 

Someone disabled the krb5kdc service on our KDC server (AAARRRGGGHHH)  😮

 

so a simple service krb5kdc start there allowed the rest of the Kerberos set up to complete and we're back up using Kerberos. 

mit Freundlichen Grüßen (with Friendly Greetings),
     Jan
Jan Peters

1,619 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements