Hi Jay Kumar SenSharma , Can you please address my issue with the host recovery from Ambari after OS upgraded from RHEL 6 to RHEL 7. https://community.hortonworks.com/questions/242900/recover-host-on-ambari-26-creating-only-kerberos-r.html ... View more

Hey, We are using HDP2.3.6. We are geeting below error when we configured Ranger to store audit on Solr. 2017-04-25 09:16:23,366 WARN [org.apache.ranger.audit.queue.AuditBatchQueue0]: provider.BaseAuditHandler (BaseAuditHandler.java:logFailedEvent(374)) - failed to log audit event: {"repoType":3,"repo":"hdpt01_hive","reqUser":"hadooptest","evtTime":"2017-04-25 09:16:21.124","access":"USE","resType":"@null","action":"SHOWDATABASES","result":1,"policy":6,"enforcer":"ranger-acl","sess":"06802e00-eda7-4bd2-a812-7e2ed2621e24","cliType":"HIVESERVER2","cliIP":"","reqData":"show schemas","agentHost":"hivehost","logType":"RangerAudit","id":"d8b3d307-0035-4613-a7ff-872fa1c46a9e","seq_num":0,"event_count":1,"event_dur_ms":0} org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error from server at http://hostname:8886/solr/ranger_audit: Expected mime type application/octet-stream but got text/html. <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Error 401 Authentication required</title> </head> <body><h2>HTTP ERROR 401</h2> <p>Problem accessing /solr/ranger_audit/update. Reason: <pre> Authentication required</pre></p><hr><i><small>Powered by Jetty://</small></i><hr/> </body> </html> The cluster is kerberized. Below error is seen when accessing teh ambari-infra-solr UI http://hostname:8886/solr/ GSSException: Failure unspecified at GSS-API level (Mechanism level: Specified version of key is not available (44)) ... View more

Hi, I am getting the below error when I configured Ranger to use Solr for audits. We are using HDP-2.3.6 2017-04-26 09:29:22,353 [http-bio-6080-exec-2] ERROR org.apache.ranger.solr.SolrUtil (SolrUtil.java:79) - Error from Solr server. org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error from server at http://hostname:8886/solr/ranger_audit: Expected mime type application/octet-stream but got text/html. <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Error 401 Authentication required</title> </head> <body><h2>HTTP ERROR 401</h2> <p>Problem accessing /solr/ranger_audit/select. Reason: <pre> Authentication required</pre></p><hr><i><small>Powered by Jetty://</small></i><hr/> </body> </html> I see the below error when I access Solr UI http://hostname:8886/solr/ GSSException: Failure unspecified at GSS-API level (Mechanism level: Specified version of key is not available (44)) The cluster is kerberized ... View more

Any update on the above error? ... View more

Hi Sri, Thanks for the response. It did work. Thank you so much for your help. I accept this answer. ... View more

Hbase master log lp.bcbsa.com:2181 sessionTimeout=30000 watcher=master:160000x0, quorum=mdcthdpdas10lp.bcbsa.com:2181, baseZNode=/hbase-secure1 2016-05-26 16:11:43,494 WARN [main-SendThread(mdcthdpdas10lp.bcbsa.com:2181)] client.ZooKeeperSaslClient: Could not login: the client is being asked for a password, but the Zookeeper client code does not currently support obtaining a password from the user. Make sure that the client is configured to use a ticket cache (using the JAAS configuration setting 'useTicketCache=true)' and restart the client. If you still get this message after that, the TGT in the ticket cache has expired and must be manually refreshed. To do so, first determine if you are using a password or a keytab. If the former, run kinit in a Unix shell in the environment of the user who is running this Zookeeper client using the command 'kinit <princ>' (where <princ> is the name of the client's Kerberos principal). If the latter, do 'kinit -k -t <keytab> <princ>' (where <princ> is the name of the Kerberos principal, and <keytab> is the location of the keytab file). After manually refreshing your cache, restart this client. If you continue to see this message after manually refreshing your cache, ensure that your KDC host's clock is in sync with this host's clock. 2016-05-26 16:11:43,499 WARN [main-SendThread(mdcthdpdas10lp.bcbsa.com:2181)] zookeeper.ClientCnxn: SASL configuration failed: javax.security.auth.login.LoginException: No password provided Will continue connection to Zookeeper server without SASL authentication, if Zookeeper server allows it. 2016-05-26 16:11:43,500 INFO [main-SendThread(mdcthdpdas10lp.bcbsa.com:2181)] zookeeper.ClientCnxn: Opening socket connection to server mdcthdpdas10lp.bcbsa.com/10.145.4.30:2181 2016-05-26 16:11:43,503 INFO [main-SendThread(mdcthdpdas10lp.bcbsa.com:2181)] zookeeper.ClientCnxn: Socket connection established to mdcthdpdas10lp.bcbsa.com/10.145.4.30:2181, initiating session 2016-05-26 16:11:43,509 INFO [main-SendThread(mdcthdpdas10lp.bcbsa.com:2181)] zookeeper.ClientCnxn: Session establishment complete on server mdcthdpdas10lp.bcbsa.com/10.145.4.30:2181, sessionid = 0x154a09cb3c7005a, negotiated timeout = 30000 2016-05-26 16:11:43,516 ERROR [main] master.HMasterCommandLine: Master exiting java.lang.RuntimeException: Failed construction of Master: class org.apache.hadoop.hbase.master.HMaster at org.apache.hadoop.hbase.master.HMaster.constructMaster(HMaster.java:2290) at org.apache.hadoop.hbase.master.HMasterCommandLine.startMaster(HMasterCommandLine.java:233) at org.apache.hadoop.hbase.master.HMasterCommandLine.run(HMasterCommandLine.java:139) at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70) at org.apache.hadoop.hbase.util.ServerCommandLine.doMain(ServerCommandLine.java:126) at org.apache.hadoop.hbase.master.HMaster.main(HMaster.java:2304) Caused by: org.apache.zookeeper.KeeperException$InvalidACLException: KeeperErrorCode = InvalidACL for /hbase-secure1 at org.apache.zookeeper.KeeperException.create(KeeperException.java:121) ... View more