Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

I installed storm with ambari and enabled kerberos, but storm-ui can not be viewed.

Labels:
wangao
Explorer

Created on ‎04-01-2018 02:23 AM - edited ‎08-17-2019 10:44 PM

I installed storm with ambari cluster and enabled kerberos. But I can not view storm ui, it returns 403 status. I find that in /etc/storm/2.6.3.0-235/0/storm_jaas.conf, it does not have config of storm ui, I can not find any content about spnego.service.keytab. And every time I change the storm_jaas.conf, it will be overwrite by ambari. The content is that:

StormServer {
   com.sun.security.auth.module.Krb5LoginModule required
   useKeyTab=true
   keyTab="/etc/security/keytabs/nimbus.service.keytab"
   storeKey=true
   useTicketCache=false
   principal="nimbus/am1.ics.com@ICS.COM";
};
StormClient {
   com.sun.security.auth.module.Krb5LoginModule required
   useKeyTab=true
   keyTab="/etc/security/keytabs/storm.headless.keytab"
   storeKey=true
   useTicketCache=false
   serviceName="nimbus"
   principal="storm-ics_bigdata@ICS.COM";
};
RegistryClient {
   com.sun.security.auth.module.Krb5LoginModule required
   useKeyTab=true
   keyTab="/etc/security/keytabs/storm.headless.keytab"
   storeKey=true
   useTicketCache=false
   principal="storm-ics_bigdata@ICS.COM";
};
com.sun.security.jgss.krb5.initiate {
    com.sun.security.auth.module.Krb5LoginModule required
    renewTGT=false
    doNotPrompt=true
    useKeyTab=true
    keyTab="/etc/security/keytabs/nimbus.service.keytab"
    principal="nimbus/am1.ics.com@ICS.COM"
    storeKey=true
    useTicketCache=false;
};

Client {
   com.sun.security.auth.module.Krb5LoginModule required
   useKeyTab=true
   keyTab="/etc/security/keytabs/storm.headless.keytab"
   storeKey=true
   useTicketCache=false
   serviceName="zookeeper"
   principal="storm-ics_bigdata@ICS.COM";
};


KafkaClient {
   com.sun.security.auth.module.Krb5LoginModule required
   useKeyTab=true
   keyTab="/etc/security/keytabs/storm.headless.keytab"
   storeKey=true
   useTicketCache=false
   serviceName="kafka"
   principal="storm-ics_bigdata@ICS.COM";
};

But in the ambari storm config, it shows that in the image attached.

And the storm in ambari shows warning of supervisor that "Connection failed: [Errno 111] Connection refused to am3.ics.com:56431" all the time.

Who can help me about storm in ambari with kerberos enabled?

67468-微信截图-20180401102058.png

756 Views
0 Kudos
2 REPLIES 2

asirna
Guru

Created ‎04-01-2018 06:16 AM

@Wang Ao,

You have to enable SPNEGO authentication to see the UI in kerberized environment. Please follow the steps mentioned in the doc.

https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.6.4/bk_security/content/ch_enable_spnego_auth_f...

.

-Aditya

614 Views
0 Kudos

wangao
Explorer

Created on ‎04-02-2018 02:29 AM - edited ‎08-17-2019 10:44 PM

Hello, thank you for helping me. I have tried to follow the instructions in the guide book. But I still can not view storm ui, and besides the hadoop have the following warnings:

64981-微信截图-20180402102442.png

Could you please tell you what's wrong with it?

614 Views
0 Kudos
Take a Tour of the Community
Don't have an account?
Register
Your experience may be limited. Sign in to explore more.
Announcements
Community Announcements
March 2023 Community Highlights
What's New @ Cloudera
Cloudera DataFlow Designer for self-service data flow development is now generally available to all CDP Public Cloud customers
What's New @ Cloudera
Cloudera Operational Database (COD) UI provides the JWT configuration details to connect to your HBase client
What's New @ Cloudera
Cloudera Operational Database (COD) UI allows storage type selection when creating an operational database
What's New @ Cloudera
Release of Cloudera Streaming Analytics (CSA) 1.9.0 for CDP 7.1.7 SP2 & CDP 7.1.8
View More Announcements