Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

How to resolve Pig view errors on kerbereized cluster?

avatar

Hello,

I need to test a script through Pig View on my kerbereized cluster.

I attached my script details in script.png.

When i run this script i got the error mentioned in error.png through /var/log/ambari-server/pig-view/pig-view.log.

I access to Ambari UI with admin as username.

How can i resolve this issue?

I'll be really grateful if someone could help me.

1 ACCEPTED SOLUTION

avatar
Master Mentor
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login
4 REPLIES 4

avatar
Master Mentor

@raouia

- Which version of ambari are you using? There is a "auth" property which is only needed if the view is Custom Configured or Ambari Server is Kerberized before 2.4.0.

- If you are using prior version of ambari then can you please check if you have set the ambari-server principal to your pig view for auth? You can refer to the following doc to get more detailed information about it: https://docs.hortonworks.com/HDPDocuments/Ambari-2.6.0.0/bk_ambari-views/content/section_pig_view_ke...

auth=KERBEROS;proxyuser=<ambari-principal-name>



You can find the ambariserver principal name inside the following file "/etc/ambari-server/conf/krb5JAASLogin.conf"

Example:

# cat /etc/ambari-server/conf/krb5JAASLogin.conf
com.sun.security.jgss.krb5.initiate {
        com.sun.security.auth.module.Krb5LoginModule required
        renewTGT=false
        doNotPrompt=true
        useKeyTab=true
        keyTab="/etc/security/keytabs/ambari.server.keytab"
        principal="ambari-server-kerberos_ambari@EXAMPLE.COM"
        storeKey=true
        useTicketCache=false;
    };

.

Also please check if you have configured the "hadoop.proxyuser" property set properly for the "HDFS" and "WebHCAT" as described in the following doc: https://docs.hortonworks.com/HDPDocuments/Ambari-2.6.0.0/bk_ambari-views/content/configuring_your_cl...

avatar

@Jay Kumar SenSharma

Thank you very much for your reply.

- My ambari version is Version 2.5.1.0.

- My ambari server is running with root user. So,i resecured my cluster with the principal "root@ROSAFI.COM" and made all the necessary configurations by following this link:

https://docs.hortonworks.com/HDPDocuments/Ambari-2.4.1.0/bk_ambari-security/content/set_up_kerberos_....

The output of file "/etc/ambari-server/conf/krb5JAASLogin.conf" is:

com.sun.security.jgss.krb5.initiate {
    com.sun.security.auth.module.Krb5LoginModule required
    renewTGT=false
    doNotPrompt=true
    useKeyTab=true
    keyTab="/etc/security/keytabs/root.server.keytab"
    principal="root@ROSAFI.COM"
    storeKey=true
    useTicketCache=false;
};

- I've also made the necessary configuration in Pig view as mentioned in pig-auth.png.

- I've set "hadoop.proxyuser" in HDFS as shown in proxyuser.png.

I'm really stuck. Please help me understanding the cause of this issue.

avatar
Master Mentor
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login

avatar

@Jay Kumar SenSharma

Thank you very much. Your suggestion worked for me.