Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

HDF : Zookeeper server not starting after MIT Kerberos is enabled...

Solved Go to solution
Highlighted

HDF : Zookeeper server not starting after MIT Kerberos is enabled...

Explorer

Dear All,

I have ran into a very troublesome issue which is creating headache for the last 1 week. I installed and HDF Cluster(v3.4.1.1) with the services Nifi,Kafka,Metrics and Smart Sense. Everything was working perfectly until I decided to enable Kerberos(MIT) in the cluster. During the keberization, everything went fine till the last step.(Start and Test services). At that point, the Zookeeper server start got failed and thereafter no services are starting. The following is the error I got from the zookeeper logs.Any help is appreciated.

 

2020-03-06 18:38:51,489 - INFO [main:QuorumPeerMain@127] - Starting quorum peer
2020-03-06 18:38:51,552 - ERROR [main:QuorumPeerMain@89] - Unexpected exception, exiting abnormally
java.io.IOException: Could not configure server because SASL configuration did not allow the ZooKeeper server to authenticate itself properly:
javax.security.auth.login.LoginException: Message stream modified (41)
at org.apache.zookeeper.server.ServerCnxnFactory.configureSaslLogin(ServerCnxnFactory.java:207)
at org.apache.zookeeper.server.NIOServerCnxnFactory.configure(NIOServerCnxnFactory.java:87)
at org.apache.zookeeper.server.quorum.QuorumPeerMain.runFromConfig(QuorumPeerMain.java:130)
at org.apache.zookeeper.server.quorum.QuorumPeerMain.initializeAndRun(QuorumPeerMain.java:111)
at org.apache.zookeeper.server.quorum.QuorumPeerMain.main(QuorumPeerMain.java:78)

 

Note :

I tried setting the following resolutions that I found online. But nothing worked.

1. udp_preference_limit = 1 
2. aes256-cts
aes128-cts
des3-hmac-sha1
arcfour-hmac
des-hmac-sha1
des-cbc-md5
des-cbc-crc

3.Regenerate Keytabs

 

1 ACCEPTED SOLUTION

Accepted Solutions

Re: HDF : Zookeeper server not starting after MIT Kerberos is enabled...

Explorer

Issue resolved. Donno how it worked,but commenting out the following property in /etc/krb5.conf resolved the issue.

#renew_lifetime =7d

 

Same can be done through - Ambari-Services-Kerberos-Configs-Advanced krb5-conf- krb5-conf template.

Save the configuration and restart

View solution in original post

1 REPLY 1

Re: HDF : Zookeeper server not starting after MIT Kerberos is enabled...

Explorer

Issue resolved. Donno how it worked,but commenting out the following property in /etc/krb5.conf resolved the issue.

#renew_lifetime =7d

 

Same can be done through - Ambari-Services-Kerberos-Configs-Advanced krb5-conf- krb5-conf template.

Save the configuration and restart

View solution in original post

Don't have an account?
Coming from Hortonworks? Activate your account here