Support Questions

Find answers, ask questions, and share your expertise

Server not found error for loadBalncer in Oozie HA in kerberized cluster.

avatar
Explorer

I am trying to set up oozie HA for my secured cluster(MIT) and i am using virtual IP as load balancer. Individual call to oozie server works but when i try to run oozie via load balancer I am getting server not found error. I have HDP 2.3.2 and Ambari 2.2.1.

1 ACCEPTED SOLUTION

avatar
Contributor

Refer the below docs for oozie HA setup. Can you verify , you have correct values for the below property. https://docs.hortonworks.com/HDPDocuments/Ambari-2.1.2.1/bk_Ambari_Users_Guide/content/_adding_an_oo... (1)oozie.zookeeper.connection.string= List of ZooKeeper hosts with ports.

For example: node1:2181,node2:2181,node3:2181

(2) oozie.services.ext= org.apache.oozie.service.ZKLocksService,org.apache.oozie.service.ZKXLogStreamingService,org.apache.oozie.service.ZKJobsConcurrencyService

(3) oozie.base.url =http://<loadbalancer.hostname>:11000/oozie

(4) oozie.authentication.kerberos.principal = *

(5) In oozie-env, uncomment OOZIE_BASE_URL property and change value to point to the Load Balancer.

For example: export OOZIE_BASE_URL="http://<loadbalance.hostname>:11000/oozie"

For secured cluster

(1) Manually Create new AD Account for HTTP/<loadbalancer_hostname>@<realm> for encryption types. kadmin.local -q "addprinc -randkey HTTP/<loadbalancer_hostname>@<realm>"

(2) Append keytab for AD Account into spnego.service.keytab on all hosts running oozie servers referenced by the loadbalancer. kadmin.local -q "ktadd -k ambari.server.keytab ambari-server@EXAMPLE.COM"

(3) Verify if the keytabs has been appended. klist -ekt spnego.service.keytab

(4) Move the newly merged spnego.service.keytab on all hosts running oozie servers referenced by the loadbalancer. After keytabs are updated, Restart Oozie service from Ambari UI.

To Verify if loadbancer is working or not.

(1) Stop the oozie server1 and run the below command oozie admin -oozie http://load-balancer-url:10000/oozie -status You should get success response.

(2) Start the oozie server1 and Stop the oozie server2 and run the below command oozie admin -oozie http://load-balancer-url:10000/oozie -status You should get success response.

View solution in original post

2 REPLIES 2

avatar
Contributor

Refer the below docs for oozie HA setup. Can you verify , you have correct values for the below property. https://docs.hortonworks.com/HDPDocuments/Ambari-2.1.2.1/bk_Ambari_Users_Guide/content/_adding_an_oo... (1)oozie.zookeeper.connection.string= List of ZooKeeper hosts with ports.

For example: node1:2181,node2:2181,node3:2181

(2) oozie.services.ext= org.apache.oozie.service.ZKLocksService,org.apache.oozie.service.ZKXLogStreamingService,org.apache.oozie.service.ZKJobsConcurrencyService

(3) oozie.base.url =http://<loadbalancer.hostname>:11000/oozie

(4) oozie.authentication.kerberos.principal = *

(5) In oozie-env, uncomment OOZIE_BASE_URL property and change value to point to the Load Balancer.

For example: export OOZIE_BASE_URL="http://<loadbalance.hostname>:11000/oozie"

For secured cluster

(1) Manually Create new AD Account for HTTP/<loadbalancer_hostname>@<realm> for encryption types. kadmin.local -q "addprinc -randkey HTTP/<loadbalancer_hostname>@<realm>"

(2) Append keytab for AD Account into spnego.service.keytab on all hosts running oozie servers referenced by the loadbalancer. kadmin.local -q "ktadd -k ambari.server.keytab ambari-server@EXAMPLE.COM"

(3) Verify if the keytabs has been appended. klist -ekt spnego.service.keytab

(4) Move the newly merged spnego.service.keytab on all hosts running oozie servers referenced by the loadbalancer. After keytabs are updated, Restart Oozie service from Ambari UI.

To Verify if loadbancer is working or not.

(1) Stop the oozie server1 and run the below command oozie admin -oozie http://load-balancer-url:10000/oozie -status You should get success response.

(2) Start the oozie server1 and Stop the oozie server2 and run the below command oozie admin -oozie http://load-balancer-url:10000/oozie -status You should get success response.

avatar
Explorer

@sprakash it worked after adding oozie.authentication.kerberos.principal = * . I missed to set oozie.authentication.kerberos.principal = *. It was not mentioned in HDP docs.