Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

user not found while running hive query from kerberos user

Labels:
avatar
author-rank vinayk
Rising Star

Created ‎06-13-2018 08:13 AM

Hi Folks,

I have 3 node cluster in my environment, where i have configured kerberos & ranger integrated with Active Directory. I have setup one way trust MIT KDC. Users are able to get ticket.

Now while i'm running hive query, i'm getting failed query and getting below logs:

Application application_1528875723692_0001 failed 2 times due to AM Container for appattempt_1528875723692_0001_000002 exited with exitCode: -1000

For more detailed output, check the application tracking page: http://security-test3.example.com:8088/cluster/app/application_1528875723692_0001

Then click on links to logs of each attempt.

Diagnostics: Application application_1528875723692_0001 initialization failed (exitCode=255) with output: main : command provided 0

main : run as user is asif

main : requested yarn user is asif

User asif not found

Failing this attempt. Failing the application.

Please advice what can i do for solve it.

Regards,

Vinay

7,236 Views
0 Kudos
2 ACCEPTED SOLUTIONS

avatar
author-rank vmurakami
Guru

Created ‎06-13-2018 06:34 PM

Hey @Vinay K!

Does this user asif exists in all NodeManager/ResourceManager machines? And does it belong to yarn group?

Hope this helps!

View solution in original post

6,898 Views

avatar
author-rank vinayk
Rising Star

Created ‎06-27-2018 09:02 AM

Hi,

I have configured the sssd with AD server.

Now i'm able to run query.

Thanks

Let me know if anyone having any query.

View solution in original post

6,898 Views
0 Kudos
5 REPLIES 5

avatar
author-rank vmurakami
Guru

Created ‎06-13-2018 06:34 PM

Hey @Vinay K!

Does this user asif exists in all NodeManager/ResourceManager machines? And does it belong to yarn group?

Hope this helps!

6,899 Views

avatar
author-rank vinayk
Rising Star

Created ‎06-14-2018 05:32 AM

Hi @Vinicius Higa Murakami

No, asif user does not exist on any Nodemanager/ResourceManager machines. I had setup-ldap(AD) with ambari-server. Then i had setup one way trust MIT KDC with AD. I believe i don't need to setup sssd service.

I have defined asif user in ranger policy for use all queue.

Even i had tried to add user on OS of ResourceManeger, i was able to execute query by asif. But i don't want to add each user on ResourceManager's OS.

6,898 Views
0 Kudos

avatar
author-rank vinayk
Rising Star

Created ‎06-27-2018 09:02 AM

Hi,

I have configured the sssd with AD server.

Now i'm able to run query.

Thanks

Let me know if anyone having any query.

6,899 Views
0 Kudos

avatar
author-rank iamfromsky
Expert Contributor

Created ‎03-22-2022 02:34 PM

Hi, vinayk

 

i have the same issue as yours, integrated hadoop with openldap, and hdfs, hive, sentry can work fine, i mean sentry or hdfs can find user in openldap.  but the only exceptional is yarn can't , when i test mapreduce examples by the user which is exist in openldap, it gives me the errors like below:

main : run as user is jialong
main : requested yarn user is jialong
User jialong not found

 

as you know, when we create this user on os level , it will be ok , but i don't want to create user on os level, how to achieve that ? why hdfs. sentry can work fine, but yarn is not .

4,152 Views
0 Kudos

avatar
author-rank VidyaSargur author-rank
Community Manager

Created ‎03-23-2022 03:05 AM

@iamfromsky as this is an older post, you would have a better chance of receiving a resolution by starting a new thread. This will also be an opportunity to provide details specific to your environment that could aid others in assisting you with a more accurate answer to your question. You can link this thread as a reference in your new post. 


Regards,

Vidya Sargur,
Community Manager

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Learn more about the Cloudera Community:
4,134 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements