Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

integration hdfs ui with knox sso

Solved Go to solution

integration hdfs ui with knox sso

New Contributor

i following bellow steps to setup sso:

  • Install Knox.
  • Configure Ambari Authentication for LDAP/AD.
  • Configure an LDAP/AD Identity Provider (IdP).
  • Enable Knox SSO using the Ambari CLI.

after this step sso worked me for redirect to ambari ui.

in the next step when i add the bellow property to core-site.xml, restarting hdfs failed:

"hadoop.http.authentication.type": "org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler”
"hadoop.http.authentication.public.key.pem": “$SSOPUBLICKEY"
"hadoop.http.authentication.authentication.provider.url": "$SSOPROVIDERURL"

when add this property (hadoop.http.authentication.type) to hdfs happening error.

hdfs log file:

2019-02-26 16:28:06,366 ERROR datanode.DataNode (DataNode.java:secureMain(2870)) - Exception in secureMain
java.io.IOException: Problem starting http server Caused by: 
        at org.apache.hadoop.http.HttpServer2.start(HttpServer2.java:1165)
        at org.apache.hadoop.hdfs.server.datanode.web.DatanodeHttpServer.<init>(DatanodeHttpServer.java:141)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.startInfoServer(DataNode.java:954)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.startDataNode(DataNode.java:1404)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.<init>(DataNode.java:497)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.makeInstance(DataNode.java:2769)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.instantiateDataNode(DataNode.java:2677)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.createDataNode(DataNode.java:2719)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.secureMain(DataNode.java:2863)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.main(DataNode.java:2887)
javax.servlet.ServletException: javax.servlet.ServletException: Keytab does not exist: /home/hdfs/hadoop.keytab  
        at org.apache.hadoop.http.HttpServer2.start(HttpServer2.java:1165)
        at org.apache.hadoop.hdfs.server.datanode.web.DatanodeHttpServer.<init>(DatanodeHttpServer.java:141)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.startInfoServer(DataNode.java:954)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.startDataNode(DataNode.java:1404)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.<init>(DataNode.java:497)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.makeInstance(DataNode.java:2769)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.instantiateDataNode(DataNode.java:2677)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.createDataNode(DataNode.java:2719)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.secureMain(DataNode.java:2863)
        at org.apache.hadoop.hdfs.server.datanode.DataNode.main(DataNode.java:2887)


how can resolve this issue?


1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: integration hdfs ui with knox sso

New Contributor

I checked so many paper and documents. Not to mention at all that the public key should be added to the /home/hdfs/ path.

after adding public key to /home/hdfs/hadoop-keytab path the issue is resolved.

if this file dont exist we creating.

add public key to ----->/home/hdfs/hadoop-keytab
2 REPLIES 2
Highlighted

Re: integration hdfs ui with knox sso

New Contributor

I checked so many paper and documents. Not to mention at all that the public key should be added to the /home/hdfs/ path.

after adding public key to /home/hdfs/hadoop-keytab path the issue is resolved.

if this file dont exist we creating.

add public key to ----->/home/hdfs/hadoop-keytab

Re: integration hdfs ui with knox sso

New Contributor

Can you please send the steps to add public key to /home/hdfshdfs-keytab to my mail id : dbavizag@gmail.com