I'm using CloudBreak 2.7 for deploying my clusters. For the record: I didn't have that issue with CBD 2.6
In my kerberized cluster, when trying to start Hive Interactive I get this error:
Requested user hive is not whitelisted and has id 982,which is below the minimum allowed 1000
When I check /etc/passwd I can see that half of HDP services are below 1000 and some are above, so this error message is valid. For security I don't wont to decrease a minimal value for this. Is there a fix for that?
Many thanks in advance.
Kerberized Clusters uses "LinuxContainerExecutor" which can be tuned based on our requirement to set the min.user.id setting insie the /etc/hadoop/conf/container-executor.cfg or via Ambari as
Services > YARN > Configs tab > Advanced tab > Advanced yarn-env > "Minimum user ID for submitting job"
Please refer to the following link  to know more about the following message:
Requested user XXXXX is not whitelisted and has id 507,which is below the minimum allowed 1000
Yes, I'm aware of those settings and as I said (the link above also is mentioning this) I would like to avoid changing the default value. My question is more about, why Cloudbreak 2.7 creates service principles with low IDs when I enable kerberos?
Hi @Jakub Igla,
We're investigating this issue.
Could you share with us, which Ambari blueprint are you using?
Cloudbreak doesn't manage these IDs and it seems they are generated randomly between a range.
I suggest to try cluster creation again, sometimes hive user gets ID higher than 1000.