Cloudera Community
russ_stevenson
user rank
Contributor
My Accepted Solutions
Show All

Re: CDP 7.1.6 Ranger KMS test conection failed " ...

by Contributor in Support Questions
‎07-06-2021 11:10 AM
‎07-06-2021 11:10 AM
I was seeing the same issue, thanks to @jakezhang  for posting.   Changing the Ranger KMS: kerberos_princ_name from rangerkms to keyadmin allowed me to get this working. Thanks for the clues in the log file and to @Scharan            ... View more

Re: use of hadoop.security.token.service.use_ip=fa...

by Cloudera Employee in Support Questions
‎06-02-2021 07:25 AM
‎06-02-2021 07:25 AM
Specify the following configurations in Cloudera Manager on the Clusters > Isilon Service > Configuration tab: In the Isilon Cluster-wide Advanced Configuration Snippet (Safety Valve) for core-site.xml property for the Isilon service, set the value  use_ip property to FALSE.   hadoop.security.token.service.use_ip = false   For more info click here      ... View more

Re: Test HA on ResourceManager

by Contributor in Support Questions
‎05-04-2017 12:02 PM
‎05-04-2017 12:02 PM
This issue was resolved in OneFS 8.0.0.4.   See the release notes for the Resolved Issue.   During failover to a secondary ResourceManager, HDFS MapReduce jobs might have been disrupted. This could have occurred because, during failover, OneFS renegotiated the connection to the ResourceManager using the same Kerberos ticket but with a different name. As a result, the request to connect to the secondary ResourceManager could not be authenticated and access was denied.181448 ... View more

Re: Ambari managing krb5.conf

by Contributor in Support Questions
‎07-20-2016 04:50 PM
‎07-20-2016 04:50 PM
@Robert Leva @Kuldeep Kulkarni Thanks for the response, the combination of the MIT documentation recommendation and the Jira, clarify this observation. Cheers! ... View more

Re: Configuring kerberos for YARN with Isilon

by Contributor in Support Questions
‎01-22-2016 11:35 AM
2 Kudos
‎01-22-2016 11:35 AM
2 Kudos
docu56048_OneFS-7.2-CLI-Administration-Guide.pdf   Configure HDFS authentication properties on the Hadoop client If you want clients running Hadoop 2.2 and later to connect to an access zone through Kerberos, you must make some modifications to the core-site.xml and hdfs- site.xml files on the Hadoop clients. Before you begin Kerberos must be set as the HDFS authentication method and a Kerberos authentication provider must be configured on the cluster. Procedure 1. Go to the $HADOOP_CONF directory on your Hadoop client. 2. Open the core-site.xml file in a text editor. 3. Set the value of the hadoop.security.token.service.use_ip property to false as shown in the following example: <property> <name>hadoop.security.token.service.use_ip</name> <value>false</value> </property> 4. Save and close the core-site.xml file. 5. Open the hdfs-site.xml file in a text editor. 6. Set the value of the dfs.namenode.kerberos.principal.pattern property to the Kerberos realm as shown in the following example: <property> <name>dfs.namenode.kerberos.principal.pattern</name> <value>hdfs/*@storage.company.com</value> </property> 7. Save and close the hdfs-site.xml file. ... View more
Contact Me
Online
Offline
Last Visited
‎09-27-2024 03:27 PM
Community Statistics
Member Since ‎07-30-2015 01:04 PM
Last Visited ‎09-27-2024 03:27 PM
Posts 20
Kudos received 8