[
https://issues.apache.org/jira/browse/OOZIE-1865?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14036995#comment-14036995
]
Robert Kanter commented on OOZIE-1865:
--------------------------------------
Test failures are unrelated because the patch only contains doc changes. The
RAT warning is because the patch didn't apply 100% cleanly so a .orig file was
created. I'll make sure it's clean when committed it; the important thing is
to review the content.
> Oozie servers can't talk to each other with Oozie HA and Kerberos
> -----------------------------------------------------------------
>
> Key: OOZIE-1865
> URL: https://issues.apache.org/jira/browse/OOZIE-1865
> Project: Oozie
> Issue Type: Bug
> Components: HA
> Affects Versions: trunk
> Reporter: Robert Kanter
> Assignee: Robert Kanter
> Attachments: OOZIE-1865.patch
>
>
> When you use Oozie HA with Kerberos, you have to set
> {{oozie.authentication.kerberos.principal}} to {{HTTP/<load-balancer-host>}}
> instead of {{HTTP/<oozie-server-host>}}. This allows clients to connect to
> any of the Oozie servers through the load balancer. However, it also blocks
> clients from directly talking to any of the Oozie servers. In and of itself,
> that's okay, but it turns out that in most cases, it also blocks the Oozie
> servers from talking to each other, namely for log streaming, the
> sharelibupdate command, and collating instrumentation/metrics (OOZIE-1676).
> Ultimately, what we need to do is allow Oozie to use both
> {{HTTP/<load-balancer-host>}} instead of {{HTTP/<oozie-server-host>}} at the
> same time so that clients (including Oozie servers, users, Web UI, etc) can
> talk to Oozie both through the load balancer and directly. If my
> understanding of HADOOP-10158 is correct, HADOOP-10158 adds this ability.
> For this JIRA, we should update Oozie to take advantage of HADOOP-10158.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
