Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Phoenix Query Server Connection URL example?

Solved Go to solution
Highlighted

Re: Phoenix Query Server Connection URL example?

Hey Chris -- using localhost definitely won't work. You must use the FQDN in the URL you supply (which must match the FQDN in the principal which PQS is using. I'm not sure why you would be getting an HTTP/404 though. I'd take a look at the PQS logs to see if anything is there. Would be best to not piggy-back on this issue and ask a new question instead. Feel free to tag me there so I'm sure to see it.

Highlighted

Re: Phoenix Query Server Connection URL example?

New Contributor

thanks will do.

BTW - last piggy-back! - I checked the log (/usr/hadoop/log/hbase/phoenix-hbase-server.log) its giving this,

2016-11-03 15:00:54,679 WARN org.apache.phoenix.shaded.org.eclipse.jetty.security.SpnegoLoginService:
GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)
        at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:856)
        at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:342)
        at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285)
        at sun.security.jgss.spnego.SpNegoContext.GSS_acceptSecContext(SpNegoContext.java:906)
        at sun.security.jgss.spnego.SpNegoContext.acceptSecContext(SpNegoContext.java:556)
        at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:342)
        at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285)



Highlighted

Re: Phoenix Query Server Connection URL example?

Sadly, "Checksum failed" could be for numerous different reasons. You can try to set "-Dsun.security.spnego.debug=true" in PHOENIX_QUERYSERVER_OPTS in hbase-env.sh for lots of debug after a restart of PQS. This will require careful reading and observation (based on principals and hostnames) to figure out what went wrong though.

Highlighted

Re: Phoenix Query Server Connection URL example?

New Contributor

Which O/S you are using for the KDC server? Is it same as the other cluster servers? If you also use Ranger encryption, there something else step you need to do. try kinit -V -k -t /etc/security/keytabs/spnego.service.keytab HTTP/YOUR_SERVER_DOMAIN@EXAMPLE.COM and hbase shell. if you scan the table like 'scan 'SYSTEM.CATALOG'. then try thin client once again.

Highlighted

Re: Phoenix Query Server Connection URL example?

New Contributor

I have a question regarding to this...

If I wanna connect to a https url, and I specify the truststore=** after the url, still it will show error

java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

What else am i missing?

Highlighted

Re: Phoenix Query Server Connection URL example?

There is no version of Avatica released which has the ability to specify the truststore.

Re: Phoenix Query Server Connection URL example?

New Contributor

Anyone has a working solution for this I tried pheonixdb but nothing suggested above works currently or I am not using the configs properly

Highlighted

Re: Phoenix Query Server Connection URL example?

To the best of my knowledge, python-phoenixdb (https://bitbucket.org/lalinsky/python-phoenixdb) does not have support for SPENGO which is implicitly required when a cluster has Kerberos authentication enabled. Please open your own question if you have more information to share.

Don't have an account?
Coming from Hortonworks? Activate your account here