Support Questions
Find answers, ask questions, and share your expertise

cluster creation issue via cloudbreak in GCP

cluster creation issue via cloudbreak in GCP

HI All,

Please help,

Cluster creation in cloudbreak via datalake is failing but not sure what's the issue.

I have attached the log file

I think its something to do with my LDAP configuration. But authentication configuration test connecrion was successful.

Might be issue with user and group configuration.

9 REPLIES 9

Re: cluster creation issue via cloudbreak in GCP

I think this has more to do with the syntax of the command entered.

Could you try to use the ambari-server setup-ldap without spaces on the supplied values. For example change "--ldap-manager-dn=cn=hdpsuperadmin, ou=hdpusers, dc=cluster, dc=com" to "--ldap-manager-dn=cn=hdpsuperadmin,ou=hdpusers,dc=cluster,dc=com"

Re: cluster creation issue via cloudbreak in GCP

@Jonathan Sneep

Thanks for the input, tried the cluster setup but it failed with the following error:

Cluster installation failed to complete, please check the Ambari UI for more details. You can try to reinstall the cluster with a different blueprint or fix the failures in Ambari and sync the cluster with Cloudbreak later.

I was able to fix the errors in ambari, I have 2 questions hope you would be able to answer

1. How do i sync ambari with cloudbreak

2. Post cluster creation failure, cloudbreak UI doesn't load at all.

Re: cluster creation issue via cloudbreak in GCP

Expert Contributor

Hi @sudi ts,

1. You can find the sync button under Actions menu in Cloudbreak

2. Cloudbreak or Ambari UI? Is your previous issue is solved and is there a new error in your log?

Re: cluster creation issue via cloudbreak in GCP

@mmolnar

I am using GCP platform and trying to configure Datalake service by enabling Kerberos.

External Authentication test succeeded. But when creating a cluster by enabling Kerberos and adding required KDC credentials it failing with the error attached.

Below are my Kerberos Details:

KDC host: hdp-ad.cluster.com ( 35.237.19.153 ).

I am not why kerberosization is failing.

ldap-error.txt

Re: cluster creation issue via cloudbreak in GCP

@sudi ts

When looking at your latest attachment, that new error "Invalid number of arguments. Entered: 3, required: 1" is similar to the first one you had posted. Try to adjust --ldap-base-dn in the same fashion you had adjusted --ldap-manager-dn.

Ex;

--ldap-base-dn=ou=hdpusers,dc=cluster,dc=com

Re: cluster creation issue via cloudbreak in GCP

Expert Contributor

@sudi ts

when you add your ldap configuration, don't use space when defining your LDAP User Search Base.

When we check from Java your LDAP configuration, it can handle space, but in the end, when we configure Ambari, the spaces cause this issue.

Maybe we will add some validation later, but for now just readd you ldap configuration without spaces.

Re: cluster creation issue via cloudbreak in GCP

@mmolnar @Jonathan Sneep

I did follow your recommendations. Thanks for the input.

Without enabling Kerberos authentication cluster setup is successful. But enabling the Kerberos security setup fails with following error:

Ambari operation start failed: [component:'INSTALL_START', requestID: '1', context: 'Logical Request: Provision Cluster 'cbd-master'
FAILED: unable to find valid certification path to requested target', status: 'ABORTED']

Please find my Kerberos details. Could it be failing because of any of below parameters.

Kerberos Type: Existing KDC with active directory
Kerberos URL: 35.237.19.153
Kerberos Admin URL: 35.237.19.153
Kerberos Realm: CLUSTER.COM
Kerberos AD Ldap URL: ldaps://35.237.19.153:636
Kerberos AD Container DN: ou=hdpusers,dc=cluster,dc=com
Use TCP connection: Yes

Re: cluster creation issue via cloudbreak in GCP

Re: cluster creation issue via cloudbreak in GCP

@Jonathan Sneep

I have added the active directory certificate to ambari-truststore but still cluster creation fails with below error:

Ambari operation start failed: [component:'INSTALL_START', requestID: '1', context: 'Logical Request: Provision Cluster 'cbd-master1' FAILED: Failed to create the account for HTTP/cbdmaster1-m-0-20180711174907.c.ibxev-edl2-61a040fc.internal@CLUSTER.COM', status: 'ABORTED']

In Manual Installation we have check if KDC/Kerberos credentials are working fine by checking the connection.

How can we do the same in cloudbreak?