[
https://issues.apache.org/jira/browse/AMBARI-9917?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robert Levas updated AMBARI-9917:
---------------------------------
Attachment: (was: AMBARI-9917_branch-2.0.0_01.patch)
> Kerberos: Add Host did not generate keytabs
> -------------------------------------------
>
> Key: AMBARI-9917
> URL: https://issues.apache.org/jira/browse/AMBARI-9917
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.0.0
> Reporter: Robert Levas
> Assignee: Robert Levas
> Priority: Critical
> Labels: kerberos
> Fix For: 2.0.0
>
> Attachments: AMBARI-9917_branch-2.0.0_01.patch,
> AMBARI-9917_trunk_01.patch
>
>
> 1) using build 440
> 2) three node cluster, hdfs, yarn, mr, tez, hive, zk, pig, ams
> 3) setup nnha, rmha
> 4) enabled kerb
> 5) all is good
> 6) added second hive metastore
> 7) added second hiveserver2
> 8) all is good
> 9) added host with DN and clients
> 10) keytabs are not created on the new host. i was not prompted for kdc
> creds. basically, i did 1-9 all in one shot, never logging out.
> As a workaround #1:
> - Attempted to regen keytabs, with "missing only" checkbox checked. it looks
> like it remade all principals and keytabs for the cluster but didn't
> distribute the keytabs. That is concerning that this might be an additional
> issue for another JIRA maybe. Anycase: didn't result in getting keytabs on my
> new host.
> As a workaround #2:
> - Attempted regen keytabs all. Made all princs and keytabs and distributed
> for cluster hosts except my new host. So no lock here either.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
