Member since
04-30-2017
31
Posts
1
Kudos Received
0
Solutions
07-19-2017
04:51 PM
Hi Kuldeep. I actually did a restore from the backup and was able to preserve the cluster this way. I will keep the information you sent me in case I have a similar problem moving forward. Thanks,
... View more
07-11-2017
05:04 PM
Hi Olivier, Is this approach considered an in place upgrade of the OS? We need to upgrade to RHEL7 from RHEL6 and our system team doesn't use any configuration management tools to do an in place upgrade. It sounds like the systems/hosts in the cluster will be wiped to do the OS upgrade. Do you have any information on how to do this and preserve the Hadoop data disks? We also need to upgrade from HDP 2.5.3 to 2.6.0 and our cluster is kerberized. What's the best approach for us to take in upgrading the OS and HDP simultaneously?
... View more
07-07-2017
05:17 PM
I will try this on next week and let you know the results. Thanks, Debra,
... View more
07-07-2017
04:37 PM
Would someone please send me information on how to set up a non-kerberized HDF to communicate with a kerberized HDP cluster. I know how to set this up on a standalone but the procedures haven't proved successful on a HDF cluster.
... View more
Labels:
- Labels:
-
Cloudera DataFlow (CDF)
05-22-2017
01:28 AM
These are the errors in thrift server logs: Caused by: org.apache.thrift.transport.TTransportException: Invalid status 80
at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:232)
at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:184)
at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:125)
at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:271)
at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41)
at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:216)
... 5 more
... View more
05-22-2017
01:19 AM
Hi Edgar, I'm having the same problem you had previously but even after entering HTTP/_HOST@myrealm it's still not working in a kerberos environment. Below are my settings: hbase.thrift.support.proxyuser=true hbase.thrift.security.qop=auth
hbase.thrift.keytab.file=/etc/security/keytabs/hbase.service.key hbase.thrift.kerberos.principal=HTTP/_HOST@myrealm hbase.regionserver.thrift.http=true
... View more
05-16-2017
06:08 PM
I forgot to state that I have the hue user set up to impersonate/proxy in the core-site file as well.
... View more
05-16-2017
06:07 PM
Hi - We have a kerberized cluster HDP 2.5.3 and I have followed your instructions to the T and while I have no problems with Hive, Job Browser, & File Browser in HUE, I continue to get this error when trying to access HBASE tables in HUE: Api Error: Could not start SASL: Error in sasl_client_start (-1) SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)
... View more
05-16-2017
05:56 PM
Hi Geoffrey, Is this the same for creating headless keytabs/principals? We are able to create keytabs with host attributes, the issue is using the same service name to create a headless account. Does the article you pointed to address this? Thanks,
... View more
05-16-2017
01:31 PM
Hi Umair, Our AD team created a headless keytab without HOST attribute and the keytab with same service account name with HOST attribute broke and the headless keytab doesn't work. What is the appropriate syntax for creating headless keytabs in AD? We created it as follows: C:\Users\adminname>ktpass /princ serviceaccountname@domain.com /pass securepassword /mapuser serviceaccountname /pType KRB5_NT_PRINCIPA
L /out serviceaccountname_headless.keytab
Targeting domain controller: hostname.domain.com
Failed to set property 'servicePrincipalName' to 'serviceaccountname' on Dn 'CN=serviceaccountname,OU=Hadoop,OU=Secure,OU=Secure,OU=Secure,DC=domain,DC=com': 0x13.
WARNING: Unable to set SPN mapping data.
If serviceaccountname already has an SPN mapping installed for serviceaccountname, this is no cause for concern.
Password successfully set!
Key created.
Output keytab to serviceaccountname_headless.keytab:
Keytab version: 0x502
keysize 57 serviceaccountname@domain.com ptype 1 (KRB5_NT_PRINCIPAL) vno 5 etype 0x17 (RC4-HMAC) keylength 16 (A000000000000000000) This is the error received when kiniting the headless keytab: Keytab contains no suitable keys for serviceaccountname@domain.com while getting initial
credentials.
... View more