Support Questions
Find answers, ask questions, and share your expertise

Hadoop -- Principles getting lost from cluster nodes

Highlighted

Hadoop -- Principles getting lost from cluster nodes

Explorer

Dear Community,

I have set the Kerberos on Hadoop Cluster Ambari on 8 nodes.

I was getting errors like

20/02/06 11:09:13 WARN ipc.Client: Exception encountered while connecting to the server : org.apache.hadoop.security.AccessControlException: Client cannot authenticate via:[TOKEN, KERBEROS]
mkdir: DestHost:destPort namenode:8020 , LocalHost:localPort edgenode/10.48.142.32:0. Failed on local exception: java.io.IOException: org.apache.hadoop.security.AccessControlException: Client cannot authenticate via:[TOKEN, KERBEROS]

 

When I registered the principles on all nodes like :

kinit -kt /etc/security/keytabs/hdfs.headless.keytab hdfs-cluster@REALM.COM

and the error getting disappeared

I have integrated hadoop with active directory, so I also do this

su user1

kinit -kt user1.keytab user1@REALM.COM

otherwise user1 could not sent jobs to yarn

Should I create keytab per user? (active directory ones?)

The main issue that when I reconnect to the cluster the day after I get the same issue of kerberos token!!

I have to set again principals on all nodes and for all users

Is there any way to set permanently these principles please?

 

Thanks a lot in advance

Asma

1 REPLY 1
Highlighted

Re: Hadoop -- Principles getting lost from cluster nodes

Master Collaborator

@asmarz I think this is the duplicate of this thread:

https://community.cloudera.com/t5/Support-Questions/Adding-Active-Directory-Users-on-Hadoop-Cluster-...

 

Let me know if I am wrong.


Cheers!
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Don't have an account?