Member since
05-16-2016
7
Posts
13
Kudos Received
0
Solutions
04-21-2017
08:32 PM
3 Kudos
Problem Statement: User cannot modify or start restricted components such as getHDFS in NIFI 1.1 with Ranger enabled. Solution: In Ranger you must grant /restricted_components permissions to the user in order for them to have access to the restricted components in NIFI.
... View more
Labels:
02-28-2019
06:12 PM
still face this error in kerberized env: java.sql.SQLException: Could not open client transport for any of the Server URI's in ZooKeeper: Unable to read HiveServer2 uri from ZooKeeper
Caused by: org.apache.hive.jdbc.ZooKeeperHiveClientException: Unable to read HiveServer2 uri from ZooKeeper
Caused by: org.apache.hive.jdbc.ZooKeeperHiveClientException: Tried all existing HiveServer2 uris from ZooKeeper.
... View more
12-30-2016
09:00 PM
3 Kudos
Error: DEBUG [master:hbasrmaster01:60000.oldLogCleaner] master.ReplicationLogCleaner: Found log in ZK, keeping: hbasregion.abcd.com%2C60020%2C1446216523936.1475050795365 The duration for which WAL files are kept is controlled by hbase.master.logcleaner.ttl - default is 10 minutes. If the replication peer can be dropped (for longer than the above config value), WAL files would be cleaned.
After that the replication peer can be added back. Issue: Hbase OldWAL's in /apps/hbase/data/oldWALs not getting deleted Root Cause: Hbase had a peer that prevents the deletion of old files. In hbase shell: To List Peers:
list_peers To Disable Peers:
disable_peer("1") To Remove Peer:
remove_peer ("1") List agin to verify removal:
list_peers Next tail the Hbase Master log file to ensure the deletion was working. Also look at hbase replication folder in hdfs. Lastly we re-added the peer:
add_peer '<n>', "slave.zookeeper.quorum:zookeeper.clientport.:zookeeper.znode.parent"
... View more
Labels:
12-30-2016
02:21 PM
3 Kudos
The following steps explain how to configure LDAP for Zeppelin 1) Make sure you can do an ldapsearch with the System Username that has AD permissions to query your OU. Example: ldapsearch -h 10.1.1.10:389 -D adsystem@ABC.YOURCO.COM -w abc123 -b OU=users,DC=ABC,DC=YOURCO,DC=COM dn 2) Using Ambari go into Zeppelin Configs and Advanced Zeppelin-env. 3) Edit the shiro_ini_content by adding the following parameters (remove existing first and replace with new): [users]
admin = yourpassword,admin
[main]
adRealm = org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm adRealm.url = ldap://10.1.1.10 adRealm.searchBase = OU=users,DC=ABC,DC=YOURCO,DC=COM
adRealm.systemUsername = adsystem@ABC.YOURCO.COM adRealm.systemPassword = abc123 adRealm.principalSuffix = @ABC.YOURCO.COM adRealm.authorizationCachingEnabled = true
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager securityManager.sessionManager = $sessionManager
securityManager.sessionManager.globalSessionTimeout = 86400000 cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager securityManager.realms = $adRealm shiro.loginUrl = /api/login [roles]
[urls]
/api/version = anon
/api/interpreter/** = authc, roles[admin]
/api/credential/** = authc, roles[admin]
/api/configurations/** = authc, roles[admin]
/** = authcBasic 4) Save changes in Ambari. 5) Restart Zeppelin.
... View more
Labels: