Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

hdp-3.0.1 services start failing after I added Ranger Service

Highlighted

hdp-3.0.1 services start failing after I added Ranger Service

New Contributor

I have setup hdp-3.0.1 with Isilon + kerberized the cluster, everything was working fine until I added Ranger Service, all basic hdp services started failing with error- Caused by: org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.AccessControlException): Permission denied: user=hdfs-hdp@WATTEEL.LAN, access=WRITE, path="/user/spark" at org.apache.hadoop.ipc.Client.getRpcResponse(Client.java:1497)

1 REPLY 1

Re: hdp-3.0.1 services start failing after I added Ranger Service

Super Mentor

@Vishal Kumar

As your cluster is Ranger enabled now so you will need to check if you have created proper Ranger HDFS policies or not?

So that a user with principal "hdfs-hdp" (or if this user is part of the correct group which has write access to that dir) will be able to access the "/user/spark" directory for writing purpose.

.

Following links might give some reference here:

1. https://hortonworks.com/blog/best-practices-in-hdfs-authorization-with-apache-ranger/
2. https://www.youtube.com/watch?v=sjrjzWM3aaY
3. https://docs.hortonworks.com/HDPDocuments/HDP3/HDP-3.1.0/authorization-ranger/content/resource_polic...
4. https://docs.hortonworks.com/HDPDocuments/HDP3/HDP-3.1.0/authorization-ranger/content/apache_ranger_...