About Abdul

Abdul · ‎05-08-2020

Hi, In our organization we are up soon going to upgrade from CDH 5.16 to CDP and there a will lot of changes we will encounter as many services in cloudera will replaced. One of the services will be Cloudera Navigator which will be replaced with Atlas. So I would like to understand the key differences, functionality and why to to choose Atlas instead of Cloudera navigator. And how complex it is in usage when compared to Atlas. I would greatly appreciate any help and insight on this topic. Thanks Mannan.

Abdul · ‎10-04-2019

@Harsh J I'm getting the same kind of issue/error while running the spark Job. "JA009 JA009: org.apache.hive.hcatalog.common.HCatException : 9001 : Exception occurred while processing HCat request : TException while getting delegation token.. Cause : org.apache.thrift.transport.TTransportException: java.net.SocketTimeoutException: Read timed out " We are currently using CDH Version and CManager Version (5.13.3). So can you Please suggest me whether the procedure you provided in Version 5.1.1* above can be applied for 5.13 . Appreciate your response. Thanks Mannan.

Abdul · ‎09-05-2019

@bgooley Hi That was quite a good list of steps I could find after searching a lot for procedures on upgrading the TLS 1.1 to 1.2. I actually applied these steps on one of our test environment on CDH 5.13 cluster on centos 6 within our organization and submitted for the vulnerability scan and the report has come up with quite a number of ports still have TLS 1.1 vulnerability. These are the ports: 11371 -- KTS server 11381-- postgresssql database 50475 External - Datanode-- dfs.datanode.https.address 13562 Yarn //mapreduce.shuffle.port 9093--kafka 8985 -- solr_https_port 8044 --Yarn,node manager --yarn. nodemanager. webapp.https.address 20550 --hbase.rest.port 19890-- Yarn Job history server, mapreduce. jobhistory. webapp.address 11443 -- Oozie server 9095 --Hbase Thrift server 8889 -- Hue load balancer 60010 -- hbase.master. info.port (http) 7187-- Cloudera manager server (metadataserve/https web UI) 50470 -- dfs.https.address or dfs.namenode.https-address (dfs.https.addressis deprecated (but still works) 14000 -- HttpFS 8481 --Hadoop --dfs.journalnode. https-address 8090 -- yarn. resourcemanager. webapp.https.address 8044 ---yarn. nodemanager. webapp.https.address 60030 -- hbase. regionserver. info.port. please let us know how we can overcome/resolve this issue. Looking forward for your response. Thanks Abdul

Abdul · ‎07-24-2019

https://community.cloudera.com/t5/Cloudera-Manager-Installation/How-can-we-disable-TLSv1-cipher-for-the-Cloudera-Platform/td-p/25706

Abdul · ‎06-10-2019

We have a security requirement to be on TLS 1.2 by the end of this year, so we need to know is 1.2 compatible with the current version of CDH we are on 5.13. If not what is not supported ? And other part of my question is whether the TLS version 1.2 will run on CDH version 5.13 supporting all the applicable components/services ? Also we would like to confirm the Postgress of KTS supports TLS 1.2. ?

Abdul · ‎03-08-2019

I got this below error message in the logs on 2 datanodes. Hard restart fixed this problem but I wanted to what prompted that error. If someone can through a light on it will greatly appreciate. DataXceiver error processing unknown operation src: /10.13.162.216:56080 dst: /10.13.161.101:1204 javax.security.sasl.SaslException: DIGEST-MD5: IO error acquiring password [Caused by org.apache.hadoop.hdfs.protocol.datatransfer.InvalidEncryptionKeyException: Can't re-compute encryption key for nonce, since the required block key (keyID=1900417437) doesn't exist.

Online	Offline
Last Visited	‎06-25-2020 01:05 PM

Member Since	‎12-18-2018 11:50 AM
Last Visited	‎06-25-2020 01:05 PM
Posts	11
Kudos received	3

Cloudera Community

Re: TLS version 1.2

Differnce Between Cloudera Navigator and Apache At...

Re: Oozie/hive-server2 not able to connect to hive...

Re: How can we disable TLSv1 cipher for the Cloude...

Re: TLS version 1.2

TLS version 1.2

DIGEST-MD5 Error Message