Cloudera Community
akanto
user rank
Expert Contributor

Re: Cannot access AmbariUI after Cloudbreak instal...

by Expert Contributor in Support Questions
‎04-24-2018 03:52 PM
‎04-24-2018 03:52 PM
@Marshal Tito thanks for the feedback. based on your feedback will fix the certificate generation ... View more

Re: Cannot access AmbariUI after Cloudbreak instal...

by Expert Contributor in Support Questions
‎04-24-2018 10:50 AM
‎04-24-2018 10:50 AM
@Marshal Tito there is no /etc/certs_new but the script what I sent is responsible to create it. It is basically just regenerating the certs with a different public ip, teherefore please don't forget to set export PUBLIC_IP=172.21.250.249 to the right value. ... View more

Re: Cannot access AmbariUI after Cloudbreak instal...

by Expert Contributor in Support Questions
‎04-20-2018 10:07 AM
‎04-20-2018 10:07 AM
Hi @Marshal Tito, Could you execute the following command as root, to regenerate and replace the certificate. In 2.5.0 the certificate generation has changed and I am wondering whether that is causing some problem for you. Please replace the PUBLIC_IP value with your ip: rm -rf /etc/certs_new export PUBLIC_IP=172.21.250.249 export CBD_CERT_ROOT_PATH=/etc/certs_new mkdir -p ${CBD_CERT_ROOT_PATH} # Generate new certificates certm -d $CBD_CERT_ROOT_PATH ca generate -o=testgw --overwrite certm -d $CBD_CERT_ROOT_PATH server generate -o=testgw --host hostname --host ${PUBLIC_IP} mv $CBD_CERT_ROOT_PATH/server.pem $CBD_CERT_ROOT_PATH/cluster.pem mv $CBD_CERT_ROOT_PATH/server-key.pem $CBD_CERT_ROOT_PATH/cluster-key.pem # Replaces cert in line 4 and 5 sed -i '4s/certs\//certs_new\//' /etc/nginx/sites-enabled/ssl.conf sed -i '5s/certs\//certs_new\//' /etc/nginx/sites-enabled/ssl.conf #Reload nginx pkill -HUP nginx keytool -printcert -v -file /etc/certs_new/cluster.pem ... View more

Re: Cannot access AmbariUI after Cloudbreak instal...

by Expert Contributor in Support Questions
‎04-19-2018 07:31 PM
‎04-19-2018 07:31 PM
Sorry, I didn't see the 2nd screenshot. I think it might be related to your notebook's security settings. Is it Cloudbreak 2.5 what you are using? Would you mind to export the certificate and attaching it, please? With a quick Googling I run into such comments like this: The workaround (typing "proceed" on the page) is working for me...are you sure your browser has focus when you're typing the letters? I have doubt of the success of typing 'proceed', but might worth to try it out. ... View more

Re: Cannot access AmbariUI after Cloudbreak instal...

by Expert Contributor in Support Questions
‎04-19-2018 06:36 PM
‎04-19-2018 06:36 PM
Hi @Marshal Tito, The warning is shown because of self-sign certificate is used. You can click on the "Advanced" link and after that click on "Proceed". screen-shot-2018-04-19-at-202902.png screen-shot-2018-04-19-at-202432.png ... View more

Re: Ambari SSO setup automation

by Expert Contributor in Support Questions
‎12-07-2017 09:18 AM
‎12-07-2017 09:18 AM
Thanks, for answers. I voted up all of them, since all of them are very useful, but I have accepted the answer of @Doroszlai, Attila since that is quite simple to automate from Ansible and SaltStack since both of them are providing built-in solutions for file manipulation. ... View more

Ambari SSO setup automation

by Expert Contributor in Support Questions
‎12-05-2017 08:53 PM
‎12-05-2017 08:53 PM
I would like to set up Ambari SSO in an automated way, but it seems the 'ambari-server setup-sso' does not support it. If I switch on the silent mode then I got a not supported error message, without silent mode it is quite hard to automate since it asks quite a few questions. # Silent mode $> ambari-server setup-sso --silent Using python /usr/bin/python Setting up SSO authentication properties... WARNING: setup-sso is not enabled in silent mode. Ambari Server 'setup-sso' completed with warnings. # Interactive mode $> ambari-server setup-sso Using python /usr/bin/python Setting up SSO authentication properties... Do you want to configure SSO authentication [y/n] (y)? Provider URL [URL] (http://example.com):https://somehost:8443/gw-os06/knoxsso/api/v1/websso Public Certificate pem (empty) (empty line to finish input): MIICnTCCAYWgAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdzaWdu aW5nMB4XDTE3MTIwNTE3NDUwMloXDTI3MTIwNTE3NDUwMlowEjEQMA4GA1UEAxMH ... 60v5bHlGkAKgdziCm1DZbxmTjcjLdxZAU7NrOlhSicZl17Yym1nmT8Cq2PkSDRaZ rA== Do you want to configure advanced properties [y/n] (n) ? Ambari Server 'setup-sso' completed successfully. Is there a simple/elegant way to automate it? Thanks, Attila ... View more
Labels:

Re: Ranger fails to install with Blueprint

by Expert Contributor in Support Questions
‎11-17-2017 05:38 PM
‎11-17-2017 05:38 PM
Thanks, but before triggering the blueprint the mysql is still not installed. MYSQL_SEVER is part of the blueprint and it is installed by Ambari. ... View more

Ranger fails to install with Blueprint

by Expert Contributor in Support Questions
‎11-17-2017 04:55 PM
‎11-17-2017 04:55 PM
Hi, In my test environment Ranger install with Ambari Blueprint fails with with DB access error. I have added RANGER_ADMIN, HIVE_SERVER, HIVE_METASTORE and MYSQL_SERVER components to the blueprints. The MySQL server has been correctly installed/configured by Ambari and it seems that Hive is able to use it without any problem, but Ranger setup fails with the following error: 17 15:40:00,148 [I] Running DBA setup script. QuiteMode:True 2017-11-17 15:40:00,149 [I] Using Java:/usr/lib/jvm/java/bin/java 2017-11-17 15:40:00,149 [I] DB FLAVOR:MYSQL 2017-11-17 15:40:00,149 [I] DB Host: 2017-11-17 15:40:00,149 [I] ---------- Verifying DB root password ---------- 2017-11-17 15:40:00,150 [I] DBA root user password validated 2017-11-17 15:40:00,150 [I] ---------- Verifying Ranger Admin db user password ---------- 2017-11-17 15:40:00,150 [I] admin user password validated 2017-11-17 15:40:00,150 [I] ---------- Creating Ranger Admin db user ---------- 2017-11-17 15:40:00,150 [JISQL] /usr/lib/jvm/java/bin/java -cp /usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java-5.1.39-bin.jar:/usr/hdp/current/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql:///mysql -u root -p '********' -noheader -trim -c \; -query "SELECT version();" SQLException : SQL state: 28000 java.sql.SQLException: Access denied for user 'root'@'localhost' (using password: YES) ErrorCode: 1045 2017-11-17 15:40:00,714 [E] Can't establish db connection.. Exiting.. Traceback (most recent call last): Please note that logging in to the machine and changing password is not really an option since I want to automate the installation of Hive, Ranger and MySQL from Blueprint . My blueprint: blueprint.txt Attila ... View more

Re: Cloudbreak 1.16 - Adding security breaks Ambar...

by Expert Contributor in Support Questions
‎09-20-2017 12:31 PM
‎09-20-2017 12:31 PM
Hi @Matt Andruff, Cloudbreak does not populate kerberos related settings into the gateway-site.xml config file of Knox: https://github.com/apache/knox/blob/master/gateway-release/home/conf/gateway-site.xml#L40 E.g gateway.hadoop.kerberos.secured is not set and krb5.conf is not set. Until this is fixed in Cloudbreak I recommend not to select the "Enable Knox Gateway" on Cloudbreak, but as a workaround you can add KNOX_SERVER into the blueprint and let Ambari configure Knox. Kind regards, Attila ... View more
Contact Me
Online
Offline
Last Visited
‎02-11-2019 08:25 AM
Community Statistics
Member Since ‎10-14-2015 03:52 PM
Last Visited ‎02-11-2019 08:25 AM
Posts 65
Kudos received 57