Member since
03-03-2018
26
Posts
0
Kudos Received
0
Solutions
09-10-2019
02:36 AM
Hi All,
I want to secure login to NiFi and NiFi is installed only on one server.
There is no ldaps connectivity and connection to ldap is established with ldap://<hostname>:<port>
There is no CA and we can generate certificates on the server using OpenSSL.
With the above conditions can I secure NiFi login via certificates and login id / password?
@TimothySpann can you help me on this.
... View more
Labels:
- Labels:
-
Apache NiFi
07-31-2019
04:56 AM
@Geoffrey Shelton Okot Thanks for your time and here is the answer: HDP - 2.6.4.0 Zeppelin - 0.7.3 yarn.nodemanager.resource.cpu-vcores - 1 yarn.scheduler.minimum-allocation-vcores - 1 yarn.scheduler.maximum-allocation-vcores - 1 Cluster is of only 2 nodes and each NM has below configuration(s) NM1: [root@xxxx ~]# cat /proc/cpuinfo | awk '/^processor/{print $3}' | tail -1 3 [root@xxx ~]# lscpu Architecture: x86_64 CPU op-mode(s): 32-bit, 64-bit Byte Order: Little Endian CPU(s): 4 On-line CPU(s) list: 0-3 Thread(s) per core: 1 Core(s) per socket: 2 Socket(s): 2 NM2: [root@xxxx ~]# cat /proc/cpuinfo | awk '/^processor/{print $3}' | tail -1 1 [root@ ~]# lscpu Architecture: x86_64 CPU op-mode(s): 32-bit, 64-bit Byte Order: Little Endian CPU(s): 2 On-line CPU(s) list: 0,1 Thread(s) per core: 1 Core(s) per socket: 2 Socket(s): 1 NUMA node(s): 1 I am wondering, when the job is running with no issues on beeline, putty ; why it is not working on Zeppelin? Is there any difference?
... View more
07-30-2019
08:40 AM
@Geoffrey Shelton Okot can you help me on this.
... View more
07-29-2019
09:12 AM
Hi Team, When are running a hive query using Zeppelin notebook, zeppelin hangs immediately with screenshot as attached. But, the same query is successful when executed via beeline on command line at the same time, so I think it should not be an issue from YARN or resources end. Is this an issue from Zeppelin? Could anyone help me on this, please.
... View more
Labels:
- Labels:
-
Apache Hive
-
Apache YARN
-
Apache Zeppelin
07-16-2019
05:41 AM
Can someone @Timothy Spann in the community can help me on this, please?
... View more
07-16-2019
05:27 AM
Is your AWS account connected with AD? Can you provide more details on your AWS account.
... View more
07-08-2019
10:11 AM
Hi All, I am unable to create subterm in Taxonomy feature of Atlas. Can anyone help on this and we are using HDP2.6.4 Here is the screenshot I get when I click on create Subterm and it is ongoing for long time.
... View more
Labels:
- Labels:
-
Apache Atlas
05-07-2019
01:36 PM
@Matt Clarke Thanks a lot for your time on this. Firstly, In nifi.properties file I did use below truststore: nifi.security.truststore=/opt/certs/truststore.jks I did create CA and all required certificates using openSSL and imported to truststore and I am using a single node here. I did import the CA certificate to browser but still I do see the same issue. Am I missing anything here? Also, I did not use any ldap-provider yet and this is my first step to verify https connection for NiFi. Could you advise me on this.
... View more
05-06-2019
09:47 PM
Hi All, I am unable to login to NiFi via chrome browser after enabling https. NiFi is running successfully with https URL as per nifi log but my browser is not accepting the https link and I do get below error when I try to login using https. Below is from nifi.log: 2019-05-06 11:55:36,551 INFO [main] org.apache.nifi.web.server.JettyServer NiFi has started. The UI is available at the following URLs: 2019-05-06 11:55:36,551 INFO [main] org.apache.nifi.web.server.JettyServer https://192.168.1.145:8087/nifi 2019-05-06 11:55:36,551 INFO [main] org.apache.nifi.web.server.JettyServer https://127.0.0.1:8087/nifi 2019-05-06 11:55:36,553 INFO [main] org.apache.nifi.BootstrapListener Successfully initiated communication with Bootstrap 2019-05-06 11:55:36,553 INFO [main] org.apache.nifi.NiFi Controller initialization took 24246616620 nanoseconds (24 seconds). When I tried to login using URL - https://192.168.1.145:8087/nifi I do get below error in Chrome browser: ********************************** 192.168.1.145 didn’t accept your login certificate, or one may not have been provided. Try contacting the system admin. ERR_BAD_SSL_CLIENT_AUTH_CERT ************************************ Can anyone help me on this?
... View more
Labels:
- Labels:
-
Apache NiFi
11-20-2018
08:27 AM
AD integration with HS2 via beeline works fine. User ID and password verification is successful via beeline login.
... View more
11-20-2018
08:21 AM
Agree, but right now I can't enable SSL but I need to get rid of this issue. Can you help me on this.
... View more
11-18-2018
06:43 PM
Thanks a lot for your patience on this and I really appreciate it from my end. I enabled logging . Everything seems good when HS2 is not integrated with AD. But, when I try to connect when HS2 is integrated with AD.. then I am not able to connect. Here is the log from Driver: Nov 19 08:05:53.526 ERROR 6096 DSTestResultDialog::Initialize: [DriverSupport] (1110) Unexpected response received from server. Please ensure the server host and port specified for the connection are correct and confirm if SSL should be enabled for the connection. Question: SSL is not enabled in the cluster and on the Tableau end or AD end or driver end, is it required? Here is the log from HS2: [root@server2 hive]# vi /var/tmp/hiveserver2withAD1.log at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.thrift.transport.TTransportException: Invalid status -128 at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:232) at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:184) at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:125) at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:271) at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41) at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:216) ... 4 more 2018-11-18 18:40:37,168 ERROR [HiveServer2-Handler-Pool: Thread-43]: server.TThreadPoolServer (TThreadPoolServer.java:run(297)) - Error occurred during processing of message. java.lang.RuntimeException: org.apache.thrift.transport.TTransportException: Invalid status -128 at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:219) at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:269) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.thrift.transport.TTransportException: Invalid status -128 at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:232) at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:184) at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:125) at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:271) at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41) at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:216) ... 4 more 2018-11-18 18:40:41,032 ERROR [HiveServer2-Handler-Pool: Thread-43]: server.TThreadPoolServer (TThreadPoolServer.java:run(297)) - Error occurred during processing of message. java.lang.RuntimeException: org.apache.thrift.transport.TTransportException: Invalid status -128 at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:219) at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:269) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.thrift.transport.TTransportException: Invalid status -128 at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:232) at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:184) at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:125) at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:271) at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41) at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:216) ... 4 more Here is the ODBC configuration:
... View more
11-18-2018
05:05 PM
Hi, User name and password is correct. What is wondering here is - When HS2 is integrated with AD, beeline connectivity works fine but only tableau connectivity goes wrong. Also, Trace logs are not generated from ODBC driver ( not sure why it is ! ) Here is the screenshot of driver configuration:
... View more
11-18-2018
04:58 PM
Hi, User name and password is correct. What is wondering here is - When HS2 is integrated with AD, beeline connectivity works fine but only tableau connectivity goes wrong.
... View more
11-18-2018
05:16 AM
Hi, How to enable trace from Tableau end? I did use supported and latest ODBC driver. Someone else has set up ODBC and Connection to Tableau works proper with user name but not with username and password in Tableau.
... View more
11-17-2018
01:02 AM
Hi, I have a cluster with no security measures other than HS2 integrated with AD. Unable to log in to Tableau after HS2 is integrated with AD. Can anyone help me out on this? Environment: HS2 - 1.2.1000 HS2 is integrated with Active Directory: hive.server2.authentication=LDAP hive.server2.authentication.ldap.url=ldap://192.168.254.142:389 hive.server2.authentication.ldap.Domain=myproject.com Error1: 2018-11-16 23:59:47,057 ERROR [HiveServer2-Handler-Pool: Thread-44]: transport.TSaslTransport (TSaslTransport.java:open(315)) - SASL negotiation failure javax.security.sasl.SaslException: Error validating the login [Caused by javax.security.sasl.AuthenticationException: LDAP Authentication failed for user [Caused by javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580^@]]] at org.apache.hive.service.auth.PlainSaslServer.evaluateResponse(PlainSaslServer.java:109) at org.apache.thrift.transport.TSaslTransport$SaslParticipant.evaluateChallengeOrResponse(TSaslTransport.java:539) at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:283) at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41) at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:216) at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:269) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Error2: 2018-11-16 23:59:29,716 ERROR [HiveServer2-Handler-Pool: Thread-44]: server.TThreadPoolServer (TThreadPoolServer.java:run(297)) - Error occurred during processing of message. java.lang.RuntimeException: org.apache.thrift.transport.TTransportException: Invalid status -128 at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:219) at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:269) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.thrift.transport.TTransportException: Invalid status -128 at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:232) at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:184) at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:125) at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:271) at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41) at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:216) ... 4 more 2018-11-16 23:59:47,0
... View more
Labels:
- Labels:
-
Apache Hive
05-14-2018
12:20 AM
Hi All, I see numerous links which point various equations for calculating NN and SNN heap size. Can someone provide me the best weblinks with the help of which I can calculate NN and SNN heap size. Thanks in advance.
... View more
Labels:
- Labels:
-
HDFS
03-13-2018
10:42 AM
Thanks a lot for your kind attention.
... View more
03-13-2018
10:37 AM
Certification team is unable to provide response to my emails 😞
... View more
03-13-2018
10:37 AM
Thanks a lot for your time. Please let me know the topic name under which my concerned question will be valid. The topic is clearly mentioned in Developer certification topics list. Please check your private message regarding home directory query and the other question I am talking about.
... View more
03-13-2018
08:35 AM
Can someone help me on this? It is tough to believe the curriculum of CCA131. Cloudera might be confused and mixed questions from other curriculum. Can cloudera give answer on this?
... View more
03-10-2018
07:03 AM
Thanks for your private message I have 2 major concerns with the CCA131 examination and I am in communication with certification team but I believe the statement "You have to accept the questions in Certification" is not 100% correct.
... View more
03-09-2018
07:05 PM
Thanks a lot for your reply. Would like to get some technical explanation on the questions asked in CCA131. Whom should I contact? and I got a statement from Certification team which is like below: "you must accept the questions that we ask you on the exam" And I believe the questions should be valid as per the topics present in list of topics provided in CCA131 topics list and the weblink for the same is: "https://www.cloudera.com/more/training/certification/cca-admin.html" Unfortunately, I got a question from a topic listed in CCA Spark and Hadoop Developer topics and the topic list for the same is: "https://www.cloudera.com/more/training/certification/cca-spark.html" Do I need to accept the question yet and if it is yes then there will be no clarity on the topics for CCA131 and I believe CCA131 questions quality has to be improved from non-technical perspective. I am wondering if I need to get ready for all certificaiton topics like Spark Developer Admin etc so that I can fit to the statement given by Cloudera - "you must accept the questions that we ask you on the exam" 😞 😞
... View more
03-09-2018
07:14 AM
Hi, I would like to discuss on the CCA131 attempted examination. Whom should I contact? Is there any way to share our experience and give feed back on the certification questions and I believe CCA131 needs lots of improvement.
... View more
Labels:
- Labels:
-
Certification
03-14-2017
06:38 AM
In Custom core-site I see that the host which hosts WebHCat server is already included and the same issue is replicated. @Shyam Shaw can you help me..
... View more
03-02-2017
06:58 AM
How can I become a hortonworks certified hadoop administrator trainer? It is not about HDPCA certification but exactly on how to become a trainer on Hortonworks Administration certified by Hortonworks? Please let me know
... View more
- Tags:
- Hadoop Core
- hdpca
Labels:
- Labels:
-
Apache Hadoop
-
Certification