Member since
09-29-2015
286
Posts
601
Kudos Received
60
Solutions
My Accepted Solutions
Title | Views | Posted |
---|---|---|
11454 | 03-21-2017 07:34 PM | |
2882 | 11-16-2016 04:18 AM | |
1608 | 10-18-2016 03:57 PM | |
4265 | 09-12-2016 03:36 PM | |
6213 | 08-25-2016 09:01 PM |
10-21-2015
04:10 PM
1 Kudo
Here is how I got it to work. In order for tools such as Hive, Beeline to use LDAPs, you need to make a global change in HADOOP_OPTS for CA Certs, so that it is loaded with Hadoop in general, assuming you imported the cert (self-signed) into a cacert located in /etc/pki/java/cacerts In HDFS-> Configs -> Hadoop Env Template add the following: export HADOOP_OPTS="-Djava_net_preferIPv4Stack=true =Djavax.net.ssl.trustStore=/etc/pki/java/cacerts -Djavax.net.ssl.trustStorePassword=changeit ${HADOOP_OPTS}" Note: Components like Knox and Ranger does not use the hadoop_env and needs its own config to be set for LDAP SSL and a manually restart. Why a manual restart? Because it seems when you start with Ambari, there is no way to manual set user options so that Ambari can pick up these settings and use in java process of Ranger and Knox when it starts. Only when Ranger and Knox is started manually, when restarting is the certs picked up. Note also Hive View does not work with LDAP or LDAP ssl.
... View more
10-21-2015
04:00 PM
These keystore.path and the keystore.password is ONLY for SSL encryption. It has nothing to do with LDAP SSL
... View more
10-19-2015
05:54 PM
Yes. Multiple Ranger KMS can be deployed for High Availability.
... View more
10-19-2015
05:54 PM
Labels:
- Labels:
-
Apache Ranger
10-15-2015
07:24 PM
Here is what I did to solve this. Doublecheck that
hive.zookeeper.quorum is set to the ZooKeeper ensemble (a comma separated list of ZooKeeper server host:ports running at the cluster) Set hive.server2.support.dynamic.service.discovery to true Set hive.server2.zookeeper.namespace to the value that you want to use as the root namespace on ZooKeeper. The default value is hiveserver2.
Now for what solved this,
There was no hive.zookeeper.session.timeout setting.
Customize hive.zookeeper.session.timeout so that it closes the connection between the HiveServer2’s client and ZooKeeper if a heartbeat is not received within the timeout period. Add hive.zookeeper.session.timeout to 60000 in Ambari -> Hive -> Config -> Advanced -> Custom Hive site screen-shot-2015-10-15-at-31727-pm.png
Restart Hive from Ambari. See also hive.zookeeper.session.timeout is set to null in hive-default.xml
... View more
10-15-2015
07:03 PM
HiveServer2 crashed and wasn't deregistered properly from Zookeeper. Now anytime I try restarting HiveServer2, it starts in Ambari, shows green but immediately shutdowns.
... View more
Labels:
- Labels:
-
Apache Ambari
-
Apache Hive
10-15-2015
05:02 PM
Isn't the ssl encryption different from LDAPs for authentication? The key path is different
... View more
10-15-2015
04:18 PM
Labels:
- Labels:
-
Apache Hive
10-13-2015
11:07 PM
Change hadoop-env template under HDFS -> Configs -> Advanced -> Advanced hadoop-env. Add the following: #Add libraries required by postgres
for jarFile in `ls /usr/share/java/*postgres* 2>/dev/null`
do
JAVA_JDBC_LIBS=${JAVA_JDBC_LIBS}:$jarFile
done
Save changes If you are receiving the missing jersey-client.jar file, most likely Yarn Resource Manager is not on the same node as the NameNode Use Ambari to move the Resource Manager to the Name Node
... View more
10-13-2015
11:00 PM
PostgreSQL is configured for Ambari, Hive and as the Ranger Audit store, instead of MySQL or Oracle. The following errors occur upon Name node start after configuring Ranger HDFS Plugin:
Connection to Postgres Timeout Cannot find jersey-client.jar
... View more
Labels:
- Labels:
-
Apache Ambari
-
Apache Ranger