I have setup hadoop ha by using cdh 5 and tried to integrate kerberos with it.i could start namenode where kerberos kdc installed successfully.But second namenode startup with an error message..   java.io.IOException: Login failure for hdfs/rhel3.had.com@had.com from keytab /etc/hadoop/conf/hdfs.keytab   2015-02-18 16:24:27,391 INFO org.apache.hadoop.hdfs.server.namenode.NameNode: Clients are to use mycluster to access this namenode/service. 2015-02-18 16:24:28,220 FATAL org.apache.hadoop.hdfs.server.namenode.NameNode: Failed to start namenode. java.io.IOException: Login failure for hdfs/rhel3.had.com@had.com from keytab /etc/hadoop/conf/hdfs.keytab         at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:947)         at org.apache.hadoop.security.SecurityUtil.login(SecurityUtil.java:242)         at org.apache.hadoop.hdfs.server.namenode.NameNode.loginAsNameNodeUser(NameNode.java:560)         at org.apache.hadoop.hdfs.server.namenode.NameNode.initialize(NameNode.java:579)         at org.apache.hadoop.hdfs.server.namenode.NameNode.<init>(NameNode.java:754)         at org.apache.hadoop.hdfs.server.namenode.NameNode.<init>(NameNode.java:738)         at org.apache.hadoop.hdfs.server.namenode.NameNode.createNameNode(NameNode.java:1427)         at org.apache.hadoop.hdfs.server.namenode.NameNode.main(NameNode.java:1493) Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user   kinit works in the name node   [root@rhel3 ~]# kinit -kt /etc/hadoop/conf/hdfs.keytab hdfs/rhel3.had.com [root@rhel3 ~]# klist -a Ticket cache: FILE:/tmp/krb5cc_0 Default principal: hdfs/rhel3.had.com@had.com Valid starting     Expires            Service principal 02/18/15 19:47:52  02/19/15 19:47:52  krbtgt/had.com@had.com         renew until 02/18/15 19:47:52         Addresses: (none) [root@rhel3 ~]#   hdfs-site.xml: <property>   <name>dfs.block.access.token.enable</name>   <value>true</value> </property> <!-- NameNode security config --> <property>   <name>dfs.namenode.keytab.file</name>   <value>/etc/hadoop/conf/hdfs.keytab</value> <!-- path to the HDFS keytab --> </property> <property>   <name>dfs.namenode.kerberos.principal</name>   <value>hdfs/rhel3.had.com@had.com</value> </property> <property>   <name>dfs.namenode.kerberos.internal.spnego.principal</name>   <value>HTTP/rhel3.had.com@had.com</value> </property> <property>   <name>dfs.webhdfs.enabled</name>   <value>true</value> </property> <property>   <name>dfs.web.authentication.kerberos.principal</name>   <value>HTTP/rhel3.had.com@had.com</value> </property> <property>   <name>dfs.web.authentication.kerberos.keytab</name>   <value>/etc/hadoop/conf/hdfs.keytab</value> <!-- path to the HTTP keytab --> </property> core-site.xml: <property>   <name>hadoop.security.authentication</name>   <value>kerberos</value> <!-- A value of "simple" would disable security. --> </property> <property>   <name>hadoop.security.authorization</name>   <value>true</value> </property> Please let me know how to resolve the issue..   ... View more