About AmroSaleh

AmroSaleh · ‎09-10-2020

Hi , How did you solve this issue , i have the same.

AmroSaleh · ‎08-26-2020

Thanks Bender , yes i checked these documents and yes i configured sentry service , but the issue with sentry is that the HDFS ACLS will not be applied , for example if i have a user that needs to write to a specific path on hdfs as hive will manage everything i cannot add an ACL for this user and the grant with URI will be ALL.

AmroSaleh · ‎08-25-2020

Dears , I have a question for the best practices should be done on cloudera cluster specially on hdfs level using sentry RBACS.the main concern for us is that the data is copied from external resources to hdfs and the permissions make headache for us as sentry cannot be applied on URI level.Si there any solutions or document for such cases to follow? Regards

AmroSaleh · ‎07-06-2020

i , did you find a solution for that , i have the same request by audit team.

AmroSaleh · ‎04-27-2020

Thank you for your reply , I followed cloudera's documentation to configure kafkas kerberos , From Cloudera Manager, navigate to Kafka > Configurations. Set SSL client authentication to none. Set Inter Broker Protocol to SASL_PLAINTEXT. on each broker : Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka.properties: listeners=SASL_PLAINTEXT://broker1FQDN:9093 advertised.listeners=SASL_PLAINTEXT://broker1FQDN:9093 on zookeeper config: check the option : Enable Kerberos Authentication check the option : Enable Server to Server SASL Authentication the errors on ZK side are the following : ZooKeeper-2 ZooKeeper Canary Suppress... Server (broker1FQDN) Quorum Membership Suppress... Server (broker1FQDN) Quorum Membership Suppress... Server (broker3FQDN) Quorum Membership and in the log: java.io.IOException: Could not configure server because SASL configuration did not allow the ZooKeeper server to authenticate itself properly: javax.security.auth.login.LoginException: Clock skew too great (37) at org.apache.zookeeper.server.ServerCnxnFactory.configureSaslLogin(ServerCnxnFactory.java:211) at org.apache.zookeeper.server.NIOServerCnxnFactory.configure(NIOServerCnxnFactory.java:82) at org.apache.zookeeper.server.quorum.QuorumPeerMain.runFromConfig(QuorumPeerMain.java:137) at org.apache.zookeeper.server.quorum.QuorumPeerMain.initializeAndRun(QuorumPeerMain.java:118) at org.apache.zookeeper.server.quorum.QuorumPeerMain.main(QuorumPeerMain.java:81) 2020-04-27 11:48:57,528 INFO org.apache.zookeeper.server.quorum.QuorumPeerConfig: Reading configuration from: /var/run/cloudera-scm-agent/process/4648-zookeeper-server/zoo.cfg 2020-04-27 11:48:57,540 INFO org.apache.zookeeper.server.quorum.QuorumPeerConfig: Defaulting to majority quorums 2020-04-27 11:48:57,544 INFO org.apache.zookeeper.server.DatadirCleanupManager: autopurge.snapRetainCount set to 5 2020-04-27 11:48:57,544 INFO org.apache.zookeeper.server.DatadirCleanupManager: autopurge.purgeInterval set to 24 2020-04-27 11:48:57,544 INFO org.apache.zookeeper.server.DatadirCleanupManager: Purge task started. 2020-04-27 11:48:57,552 INFO org.apache.zookeeper.server.DatadirCleanupManager: Purge task completed. 2020-04-27 11:48:57,556 INFO org.apache.zookeeper.server.quorum.QuorumPeerMain: Starting quorum peer 2020-04-27 12:27:59,649 ERROR org.apache.zookeeper.server.quorum.QuorumPeerMain: Unexpected exception, exiting abnormally please help.

AmroSaleh · ‎04-26-2020

Hi , I have kafka cluster managed by CDH 6.3 built on 3 servers acting as brokers and zookeepers, i have enabled kerberos on the clustser but after that i am not able to start it wit the following error on all brokers: 4:29:50.269 AM WARN ClientCnxn SASL configuration failed: javax.security.auth.login.LoginException: No JAAS configuration section named 'Client' was found in specified JAAS configuration file: '/var/run/cloudera-scm-agent/process/4531-kafka-KAFKA_BROKER/jaas.conf'. Will continue connection to Zookeeper server without SASL authentication, if Zookeeper server allows it. 4:29:50.269 AM INFO ClientCnxn Opening socket connection to server xxxxx.xxxx:2181 4:29:50.269 AM ERROR ZooKeeperClient [ZooKeeperClient] Auth failed. 4:29:50.270 AM WARN ClientCnxn Session 0x0 for server null, unexpected error, closing socket connection and attempting reconnect java.net.ConnectException: Connection refused at sun.nio.ch.SocketChannelImpl.checkConnect(Native Method) at sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:717) at org.apache.zookeeper.ClientCnxnSocketNIO.doTransport(ClientCnxnSocketNIO.java:350) at org.apache.zookeeper.ClientCnxn$SendThread.run(ClientCnxn.java:1224) 4:29:50.844 AM INFO ZooKeeperClient [ZooKeeperClient] Closing. 4:29:51.370 AM WARN ClientCnxn SASL configuration failed: javax.security.auth.login.LoginException: No JAAS configuration section named 'Client' was found in specified JAAS configuration file: '/var/run/cloudera-scm-agent/process/4531-kafka-KAFKA_BROKER/jaas.conf'. Will continue connection to Zookeeper server without SASL authentication, if Zookeeper server allows it. 4:29:51.371 AM INFO ClientCnxn Opening socket connection to server jxxxx.xxx:2181 4:29:51.371 AM ERROR ZooKeeperClient [ZooKeeperClient] Auth failed. 4:29:51.473 AM INFO ZooKeeper Session: 0x0 closed 4:29:51.473 AM INFO ClientCnxn EventThread shut down 4:29:51.475 AM INFO ZooKeeperClient [ZooKeeperClient] Closed. 4:29:51.477 AM ERROR KafkaServer Fatal error during KafkaServer startup. Prepare to shutdown kafka.zookeeper.ZooKeeperClientTimeoutException: Timed out waiting for connection while in state: CONNECTING at kafka.zookeeper.ZooKeeperClient$$anonfun$kafka$zookeeper$ZooKeeperClient$$waitUntilConnected$1.apply$mcV$sp(ZooKeeperClient.scala:242) at kafka.zookeeper.ZooKeeperClient$$anonfun$kafka$zookeeper$ZooKeeperClient$$waitUntilConnected$1.apply(ZooKeeperClient.scala:238) at kafka.zookeeper.ZooKeeperClient$$anonfun$kafka$zookeeper$ZooKeeperClient$$waitUntilConnected$1.apply(ZooKeeperClient.scala:238) at kafka.utils.CoreUtils$.inLock(CoreUtils.scala:251) at kafka.zookeeper.ZooKeeperClient.kafka$zookeeper$ZooKeeperClient$$waitUntilConnected(ZooKeeperClient.scala:238) at kafka.zookeeper.ZooKeeperClient.<init>(ZooKeeperClient.scala:96) at kafka.zk.KafkaZkClient$.apply(KafkaZkClient.scala:1824) at kafka.server.KafkaServer.kafka$server$KafkaServer$$createZkClient$1(KafkaServer.scala:361) at kafka.server.KafkaServer.initZkClient(KafkaServer.scala:385) at kafka.server.KafkaServer.startup(KafkaServer.scala:205) at kafka.server.KafkaServerStartable.startup(KafkaServerStartable.scala:42) at kafka.Kafka$.main(Kafka.scala:75) at com.cloudera.kafka.wrap.Kafka$$anonfun$1.apply(Kafka.scala:92) at com.cloudera.kafka.wrap.Kafka$$anonfun$1.apply(Kafka.scala:92) at com.cloudera.kafka.wrap.Kafka$.runMain(Kafka.scala:103) at com.cloudera.kafka.wrap.Kafka$.main(Kafka.scala:95) at com.cloudera.kafka.wrap.Kafka.main(Kafka.scala) 4:29:51.478 AM INFO KafkaServer shutting down 4:29:51.481 AM INFO KafkaServer shut down completed 4:29:51.481 AM ERROR KafkaServerStartable Exiting Kafka. Noting that in the path /var/run/cloudera-scm/process/broker and zookeeper i can find the keytabs and jaas files and i can make kinit successfully. What causing this ? and what should i do or re configure???

AmroSaleh · ‎04-23-2020

Hello Friend , ow can i add the kafka-handler.jar in cloudera cluster?? from the manager or i have to copy the jar t specific location? can you explain

AmroSaleh · ‎04-23-2020

Hello , I have question , i have cloudera cluster how to configure this kafka-handler within the cluster in order to integrate with hiv e , spark , and the other services in the cluster? is there special configuration from cloudera manager ??

Online	Offline
Last Visited	‎01-22-2021 12:17 PM

Member Since	‎04-21-2020 05:26 PM
Last Visited	‎01-22-2021 12:17 PM
Posts	11

Cloudera Community

Re: Kryo serialization failed: Buffer overflow.

Re: Apply security on prod environemnt

Apply security on prod environemnt

Re: cloudera service accounts

Re: Unabke to start brokers and zookeepers with au...

Unabke to start brokers and zookeepers with auth i...

Re: Creating hive table to read data from kafka to...

Re: Hive Kafka storage handler example