Hello All,   I have just added a Ranger KMS service to a newly built CDP Cluster. When attempted to create key, got error stating "user not allowed to do create key".   I thought it must be related to providing privs to the user in Ranger policies for KMS service and hence, logged in to the Ranger Admin UI where I can't see Ranger KMS service itself. I can see the plugin is enabled and responding in the plugins tab, cm_kms policy is syncing as per plugin status tab. However, service is not there.    Any suggestions please.   Thanks snm1523 ... View more

Hi,   I just completed setting up CDP Private Base in a POC environment. I was in process of attempting AD (LDAP based) integration so that users get authenticated via Active Directory. I am unsure if there was a mis configuration, however, after restarting Cloudera Manager, I can't login to it via "Admin" account (local). Thought it has got AD integrated, tried multiple accounts from AD, however, none of them are working.   Please help to re-enable admin (local) account.   Thanks snm1523 ... View more

Hi,   I am trying to perform a scripted start / stop of HDP services and its components. I need to get this done service by service, because there are few components like Hive Interactive / Spark Thrift server / Kafka broker, which does not get started / stopped in proper time. Most of the times it is observed that even if HSInteractive is still starting (visible in the background operations panel on Ambari), command moves to next service to start / stop and ultimately HSI fails. Hence, I also want to ensure that previous service is completely stopped / started, before attempting to stop / start next service in the list.   To achieve, below is the script I have written (this is to stop, I have similar for start). However, when it reaches to the point for Hive or Spark or Kafka services, even though the the internal components like Hive Interactive or Spark Thrift server or Kafka broker are not started / stopped, it moves to the next service. Most of the times the start of Spark Thrift server fails via this script. However, if same API call is sent only for Spark or Hive individually it works as expected.   Shell script for reference: USER='admin' PASS='admin' CLUSTER='xxxxxx' HOST='xxxxxx:8080' function stop(){ curl -s -u $USER:$PASS -H 'X-Requested-By: ambari' -X PUT -d '{"RequestInfo": {"context" :"Stop '"$1"' via REST"}, "Body": {"ServiceInfo": {"state": "INSTALLED"}}}' http://$HOST/api/v1/clusters/$CLUSTER/services/$1 echo -e "\nWaiting for $1 to stop...\n" wait $1 "INSTALLED" maintOn $1 } function wait(){ finished=0 check=0 while [[] $finished -ne 1 ]] do str=$(curl -s -u $USER:$PASS http://{$HOST}/api/v1/clusters/$CLUSTER/services/$1) if [[ $str == *"INSTALLED"* ]] then finished=1 echo "\n$1 Stopped...\n" fi check=$((check+1)) sleep 3 done if [[ $check -eq 3 ]] then echo -e "\n${1} failed to stop after 3 attempts. Exiting...\n" exit $? fi } function maintOn(){ curl -u $USER:$PASS -i -H 'X-Requested-By: ambari' -X PUT -d '{"RequestInfo":{"context":"Turn ON Maintenance Mode for $1 via Rest"},"Body":{"ServiceInfo":{"maintenance_state":"ON"}}}' http://$HOST/api/v1/clusters/$CLUSTER/services/$1 } stop AMBARI_INFRA_SOLR stop AMBARI_METRICS stop HDFS stop HIVE stop KAFKA stop MAPREDUCE2 stop SPARK2 stop YARN stop ZOOKEEPER     Any help / guidance would be great.   Thanks Snm1523 ... View more

Hello,   We have a strange issue here.   We are on CDH 6.3.0 and have sentry in place for authorizations. A user is trying to execute queries from Hue on Impala Editor and fails with Authorization errors. However, same query works fine via Hive and also via Impala shell. It fails only from Hue editor.   We have: 1. Refreshed metadata 2. Invalidated metadata 3. Verified permissions are in place in Sentry 4. There are no logs generated (I checked in Hue, Sentry Server and Catalog server). Please suggest if any other place should also be checked.   Example query: select * from DB.table limit 5;   Kindly help to diagnose and resolve this issue.   Thanks Snm1523 ... View more