Hello, I enabled HTTPS for my Ambari Server before I changed it to run as a non-root daemon user. After I enabled non-root daemon, I'm getting the following error: 24 Jan 2017 17:06:48,001 WARN [main] AbstractLifeCycle:204 - FAILED SslSelectChannelConnector@0.0.0.0:443: java.net.SocketException: Permission denied java.net.SocketException: Permission denied at sun.nio.ch.Net.bind0(Native Method) at sun.nio.ch.Net.bind(Net.java:433) at sun.nio.ch.Net.bind(Net.java:425) at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:223) at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:74) at org.eclipse.jetty.server.nio.SelectChannelConnector.open(SelectChannelConnector.java:187) at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:316) at org.eclipse.jetty.server.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:265) at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:631) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64) at org.eclipse.jetty.server.Server.doStart(Server.java:293) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64) at org.apache.ambari.server.controller.AmbariServer.run(AmbariServer.java:617) at org.apache.ambari.server.controller.AmbariServer.main(AmbariServer.java:927) It seems as though even though I've put in all the sudo settings (starting here: https://docs.hortonworks.com/HDPDocuments/Ambari-2.4.2.0/bk_ambari-security/content/commands_server.html ) the non-root user still doesn't have enough permissions to read the certificate to use for SSL binding. Does anyone know what is needed for this permission issue to be resolved? The SSL certificate and key are installed in /etc/ssl/certs/ I've been searching and I can't seem to find an answer to this. Thanks ... View more

Hello, I'm receiving this error: Failed to connect to KDC - Failed to communicate with the Active Directory at LDAP://hq.domain.com/OU=Production,OU=domain,DC=hq,DC=domain,DC=com: simple bind failed: hq.domain.com:389 Update the KDC settings in krb5-conf and kerberos-env configurations to correct this issue. I've been following this guide: https://www.ibm.com/support/knowledgecenter/SSPT3X_4.2.0/com.ibm.swg.im.infosphere.biginsights.admin.doc/doc/admin_kerb_activedir.html as well as the HDP documentation on this. I'm doing the automated kerberos wizard. JCE has been distributed to all of the nodes, I'm using Oracle JDK 1.8. Attached is the full stack trace: kerberos-stack.txt The KDC Test Connection passes just fine, I can see expected network traffic between my domain controller and the Ambari server. The only main difference is that I'm not using SSL on AD. I figure this should be fine and Ambari can just use the plaintext 389 port. I realize this is a security concern but I have no way around this right now. I don't have control over this area of our domain setup. Could this be my issue? Any help appreciated. Thanks. EDIT: I was able to successfully parse AD using the ldapsearch tool using the same DN and LDAP url that I'm specifying. Also with the same admin user. ... View more

Hello all, I'm doing an install of HDP 2.5.3. using Ambari 2.4.2.0-136, and the final install continues to fail because of this: Traceback (most recent call last): File "/var/lib/ambari-agent/cache/common-services/ATLAS/0.1.0.2.3/package/scripts/atlas_client.py", line 57, in <module> AtlasClient().execute() File "/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py", line 280, in execute method(env) File "/var/lib/ambari-agent/cache/common-services/ATLAS/0.1.0.2.3/package/scripts/atlas_client.py", line 45, in install self.install_packages(env) File "/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py", line 567, in install_packages retry_count=agent_stack_retry_count) File "/usr/lib/python2.6/site-packages/resource_management/core/base.py", line 155, in __init__ self.env.run() File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 160, in run self.run_action(resource, action) File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 124, in run_action provider_action() File "/usr/lib/python2.6/site-packages/resource_management/core/providers/package/__init__.py", line 54, in action_install self.install_package(package_name, self.resource.use_repos, self.resource.skip_repos) File "/usr/lib/python2.6/site-packages/resource_management/core/providers/package/yumrpm.py", line 51, in install_package self.checked_call_with_retries(cmd, sudo=True, logoutput=self.get_logoutput()) File "/usr/lib/python2.6/site-packages/resource_management/core/providers/package/__init__.py", line 86, in checked_call_with_retries return self._call_with_retries(cmd, is_checked=True, **kwargs) File "/usr/lib/python2.6/site-packages/resource_management/core/providers/package/__init__.py", line 98, in _call_with_retries code, out = func(cmd, **kwargs) File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 70, in inner result = function(command, **kwargs) File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 92, in checked_call tries=tries, try_sleep=try_sleep) File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 140, in _call_wrapper result = _call(command, **kwargs_copy) File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 293, in _call raise ExecutionFailed(err_msg, code, out, err) resource_management.core.exceptions.ExecutionFailed: Execution of '/usr/bin/yum -d 0 -e 0 -y install atlas-metadata_2_5_0_0_1245' returned 1. Error: Nothing to do The error "Nothing to do" is being thrown because "atlas-metadata_2_5_0_0_1245" doesn't exist in the HDP 2.5.3 repo, manually trying to install this shows this. When I do "yum search atlas" it shows this version: atlas-metadata_2_5_3_0_37 but yet Ambari is not set to install this version for some reason even though in the install wizard I specified 2.5.3. Here is what my HDP.repo looks like on every node: [HDP-2.5] name=HDP-2.5 baseurl=http://public-repo-1.hortonworks.com/HDP/centos7/2.x/updates/2.5.3.0 path=/ enabled=1 gpgcheck=0 I ran through this exact same install 2 weeks ago (2.5, but it might have been 2.5.0, I had it grab the latest 2.5), and I had zero problems. However I should mention these machines were all used in this previous install and I'm doing a re-install right now. I've ensured that everything has been wiped off of the machines based on information found here: https://community.hortonworks.com/questions/1110/how-to-completely-remove-uninstall-ambari-and-hdp.html and here: http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.5.3/bk_command-line-installation/content/ch_uninstalling_hdp_chapter.html Ambari checks before install all passed with no errors. Can anyone please help me figure this out? Reinstalling all of the machines from scratch is nearly impossible right now. But I don't think there is anything wrong with the repo installation on the machines, Ambari installed that right, it simply is just not looking for the right packages. Note: Datanode / YARN services were installed properly, this seems to just be Atlas & App Timeline Server. Thanks ... View more