Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Ranger HA Proxy Load balancer URL Not working

Ranger HA Proxy Load balancer URL Not working

Contributor

Hello Team,

We have enabled Ranger Admin HA in HDP-2.6.5. We are using haproxy for load-balancing.

Here is the content of /etc/haproxy/haproxy.cfg

#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend  haproxy
    bind p02.test.hadoop.com:6080
    reqadd X-Forwarded-Proto:\ http
    default_backend   ranger_admin_ha
backend ranger_admin_ha p02.test.hadoop.com:6080
    balance     roundrobin
    mode http
    stats enable
    stats hide-version
    stats uri /stats
    stats realm Haproxy\ Statistics
    stats auth haproxy:redhat
    option httpchk
    option httpclose
    option forwardfor
    cookie LB insert
    server v01.test.hadoop.com 10.10.33.101:6080 cookie A check
    server v02.test.hadoop.com 10.10.33.102:6080 check

The load-balancer URL works well when the cluster is not kerberized, however after Kerberization the load-balancer URL gives

503 Service Unavailable

No server is available to handle this request.

After kerberization, I referred the below HWX document for further steps(Without SSL - Step 32 onwards)

Configure_ranger_admin_ha

After creating and copying the keytabs to the nodes, the URL still does not work.

Checked the Hive server2 logs and found below error:

2019-01-29 06:51:46,167 WARN  [Thread-15]: client.RangerAdminRESTClient (RangerAdminRESTClient.java:getServicePoliciesIfUpdated(162)) - Error getting policies. secureMode=true, user=hive/test.hadoop.com@APPS.hadoop.COM (auth:KERBEROS), response={"httpStatusCode":503,"statusCode":0}, serviceName=hdphadoop_hive

2019-01-29 06:52:15,988 WARN  [Thread-16]: client.RangerAdminRESTClient (RangerAdminRESTClient.java:getServiceTagsIfUpdated(345)) - Error getting tags. secureMode=true, user=hive/test.hadoop.com@APPS.hadoop.COM (auth:KERBEROS), response={"httpStatusCode":503,"statusCode":0}, serviceName=hdphadoop_hive

2019-01-29 06:52:16,168 WARN  [Thread-15]: client.RangerAdminRESTClient (RangerAdminRESTClient.java:getServicePoliciesIfUpdated(162)) - Error getting policies. secureMode=true, user=hive/test.hadoop.com@APPS.hadoop.COM (auth:KERBEROS), response={"httpStatusCode":503,"statusCode":0}, serviceName=hdphadoop_hive

2019-01-29 06:52:46,171 WARN  [Thread-15]: client.RangerAdminRESTClient (RangerAdminRESTClient.java:getServicePoliciesIfUpdated(162)) - Error getting policies. secureMode=true, user=hive/test.hadoop.com@APPS.hadoop.COM (auth:KERBEROS), response={"httpStatusCode":503,"statusCode":0}, serviceName=hdphadoop_hive

How to solve this? Please suggest?

Thanks,

Bhushan