i) Cluster A is Kerberos enabled and it has Encryption_zone with KMS.
ii) Cluster B is Kerberos enabled and it has Encryption_zone with KMS.
From cluster A to B I have enabled trust between 2 KDC's and its working fine. I was able to do Distcp from B cluster.
I am able to access the cluster A from cluster B and able read the data from Users Home directory.
1)But I have a requirement such way that from Cluster B I have read cluster A encrytion_zone data. I looged with Cluster A kerberos Cred's in cluster B and when i am trying to access cluster A encryption_zone i am not able to see decrypt output.
2) Through spark-shell, I read cluster B data and trying access and facing below error.
I am doing this from cluster B
scala> val txt = sc.textFile("hdfs://Exnameservice/user/Exuser/tmp/sk_stg.conf") txt: org.apache.spark.rdd.RDD[String] = hdfs://Exnameservice/user/Exuser/tmp/sk_stg.conf MapPartitionsRDD at textFile at <console>:27
18/02/26 14:41:45 WARN scheduler.TaskSetManager: Lost task 0.0 in stage 0.0 (TID 0, clusterB15.examaple.com): java.io.IOException: Failed on local exception: java.io.IOException: org.apache.hadoop.security.AccessControlException: Client cannot authenticate via:[TOKEN, KERBEROS]; Host Details : local host is: "clusterB15.examaple.com/172.xx.xx.xx"; destination host is: "clusterAnamenode1.example1.com":8020;