Member since
08-15-2016
6
Posts
0
Kudos Received
1
Solution
My Accepted Solutions
| Title | Views | Posted |
|---|---|---|
| 1710 | 08-08-2017 11:53 AM |
08-08-2017
11:53 AM
For anyone that stumbles upon this same issue I'll porived some details. -Encrypt goes onto every machine that will have data which needs to be encrypted. In our case that is the kudu masters and tablets. -LVM was setup and mounted through Navencrypt. With 3 replicas setup we were ok with the fact of losing a tablet server entirely, should a disk fail.
... View more
07-18-2017
10:55 AM
We are looking into setting up Cloudera Navigator Encrypt to properly encrpyt some Kudu data that we have. Most pieces with the Encrypt install seem pretty straight forward, however I have a few questions. -Does Encrypt need to be installed on all of the hosts that will have the encrypted data? -Since we are going to be encrypting multiple Kudu disks, is it best to create an LVM with all of the disks so a single mount point can then be encrypted? Thanks.
... View more
Labels:
- Labels:
-
Cloudera Navigator
06-19-2017
08:18 AM
Thanks the responses back! J-D did you have an example post I can take a look at being that it could be since the Java client is on a Windows machine?
... View more
06-16-2017
01:44 PM
Hello, We are running into an error with an external Java Client connecting through the Java API to connect to Kudu. On the server side we see a TLS connection being attempted: W0616 13:01:28.007700 28840 negotiation.cc:290] Failed RPC negotiation. Trace:
0616 13:01:27.987227 (+ 0us) reactor.cc:373] Submitting negotiation task for server connection from 10.x.x.xxx:64686
0616 13:01:27.987396 (+ 169us) server_negotiation.cc:118] Beginning negotiation
0616 13:01:27.987397 (+ 1us) server_negotiation.cc:282] Waiting for connection header
0616 13:01:27.987764 (+ 367us) server_negotiation.cc:290] Connection header received
0616 13:01:27.988083 (+ 319us) server_negotiation.cc:246] Received NEGOTIATE NegotiatePB request
0616 13:01:27.988084 (+ 1us) server_negotiation.cc:331] Received NEGOTIATE request from client
0616 13:01:27.988098 (+ 14us) server_negotiation.cc:258] Sending NEGOTIATE NegotiatePB response
0616 13:01:27.988120 (+ 22us) server_negotiation.cc:139] Negotiated authn=SASL
0616 13:01:27.998217 (+ 10097us) server_negotiation.cc:246] Received TLS_HANDSHAKE NegotiatePB request
0616 13:01:27.998402 (+ 185us) server_negotiation.cc:258] Sending TLS_HANDSHAKE NegotiatePB response
0616 13:01:28.001852 (+ 3450us) server_negotiation.cc:246] Received TLS_HANDSHAKE NegotiatePB request
0616 13:01:28.005023 (+ 3171us) server_negotiation.cc:258] Sending TLS_HANDSHAKE NegotiatePB response
0616 13:01:28.005048 (+ 25us) server_negotiation.cc:496] Negotiated TLSv1.2 with cipher suite AES128-SHA256
0616 13:01:28.007617 (+ 2569us) negotiation.cc:281] Negotiation complete: Network error: Server connection negotiation failed: server connection from 10.x.x.xxx:64686: BlockingRecv error: failed to read from TLS socket: Cannot send after transport endpoint shutdown (error 108)
Metrics: {"negotiator.queue_time_us":139,"thread_start_us":119,"threads_started":1} The code we are using to connect is pretty straight forward: KuduClient client = new KuduClient.KuduClientBuilder(KUDU_MASTER).build();
if (!client.getTablesList(tableName).getTablesList().isEmpty()){
System.out.println("deleting table if exists...");
client.deleteTable(tableName);
} it fails in "if (!client.get....)" line This is the stack trace from the Java app: Exception in thread "main" org.apache.kudu.client.NoLeaderFoundException: Master config (kudumaster.xxxx.xxx:7051) has no leader. Exceptions received: org.apache.kudu.client.RecoverableException: [Peer master-kudumaster.xxxx.xxx:7051] Connection disconnected
at org.apache.kudu.client.ConnectToCluster.incrementCountAndCheckExhausted(ConnectToCluster.java:241)
at org.apache.kudu.client.ConnectToCluster.access$000(ConnectToCluster.java:47)
at org.apache.kudu.client.ConnectToCluster$ConnectToMasterErrCB.call(ConnectToCluster.java:309)
at org.apache.kudu.client.ConnectToCluster$ConnectToMasterErrCB.call(ConnectToCluster.java:298)
at com.stumbleupon.async.Deferred.doCall(Deferred.java:1280)
at com.stumbleupon.async.Deferred.runCallbacks(Deferred.java:1259)
at com.stumbleupon.async.Deferred.handleContinuation(Deferred.java:1315)
at com.stumbleupon.async.Deferred.doCall(Deferred.java:1286)
at com.stumbleupon.async.Deferred.runCallbacks(Deferred.java:1259)
at com.stumbleupon.async.Deferred.callback(Deferred.java:1002)
at org.apache.kudu.client.KuduRpc.handleCallback(KuduRpc.java:238)
at org.apache.kudu.client.KuduRpc.errback(KuduRpc.java:292)
at org.apache.kudu.client.TabletClient.failOrRetryRpc(TabletClient.java:691)
at org.apache.kudu.client.TabletClient.failOrRetryRpcs(TabletClient.java:668)
at org.apache.kudu.client.TabletClient.cleanup(TabletClient.java:657)
at org.apache.kudu.client.TabletClient.channelDisconnected(TabletClient.java:608)
at org.apache.kudu.client.shaded.org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:102)
at org.apache.kudu.client.TabletClient.handleUpstream(TabletClient.java:601)
at org.apache.kudu.client.shaded.org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at org.apache.kudu.client.shaded.org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
at The cluster is kerberized with TLS/SSL enabled and has 3 master kudu servers with a handful of tablet servers. The same code is working fine on a non-kerberized cluster. Any help would be greatly appreciated!
... View more
Labels:
- Labels:
-
Apache Kudu
-
Kerberos
