Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

HIVE health issues after Kerberos implementation

Highlighted

HIVE health issues after Kerberos implementation

New Contributor

Hello,

 

We run CDH5.15 and implemented Kerberos. Now, we have 2 health issues with HIVE as follows. 

 

We are not sure what we miss and what we need to change/adjust to avoid this. 

 

We would appreciate your help.

 

Regards,

 

Meirav

 

===================================================================================

CM Screen Messages:

Bad : There is a problem processing audits for HIVESERVER2.

Actions

Advice

This HiveServer2 health test checks that the Auditing for the HiveServer2 role is getting processed correctly and is not blocked.

A failure of this health test may indicate a problem with the audit pipeline of HiveServer2 process. This test can fail either because the Cloudera Audit Server is not accepting audits, or the Cloudera Manager Agent on the HiveServer2 host isn't able to send audits because of some network issue. Check the Cloudera Manager Agent logs and Cloudera Audit Server logs for more details.

This test can be enabled or disabled using the Navigator Audit Pipeline Health Check HiveServer2 monitoring setting.

====================================================================================

Role Log Warning Messages:

2:18:46.392 PM

WARN

UserGroupInformation

[Thread-0]: PriviledgedActionException as:hive/XXX.CO.IL (auth:KERBEROS) cause:javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]

2:18:46.392 PM

WARN

Client

[Thread-0]: Exception encountered while connecting to the server : javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]

2:18:46.392 PM

WARN

UserGroupInformation

[Thread-0]: PriviledgedActionException as:hive/XXX.CO.IL (auth:KERBEROS) cause:java.io.IOException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]