[ https://issues.apache.org/jira/browse/AMBARI-16009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Levas updated AMBARI-16009: ---------------------------------- Resolution: Fixed Status: Resolved (was: Patch Available) Committed to trunk {noformat} commit 783b4d39213b5819037f4eb707754a32eb722b71 Author: Robert Levas <rle...@hortonworks.com> Date: Thu Apr 21 13:59:18 2016 -0400 {noformat} Committed to branch-2.2 {noformat} commit 7e7f3b0a8d60895ef52002ff54daff846602d52e Author: Robert Levas <rle...@hortonworks.com> Date: Thu Apr 21 14:00:15 2016 -0400 {noformat} Committed to branch-2.2.2 {noformat} commit f4eeadbcea5f12104f96b7707344491ce59d7c95 Author: Robert Levas <rle...@hortonworks.com> Date: Thu Apr 21 14:01:20 2016 -0400 {noformat} > Regenerating keytabs on re-imaged hosts results in error during 'Creating > Principals' > ------------------------------------------------------------------------------------- > > Key: AMBARI-16009 > URL: https://issues.apache.org/jira/browse/AMBARI-16009 > Project: Ambari > Issue Type: Bug > Components: ambari-server > Affects Versions: 2.2.2 > Reporter: Robert Levas > Assignee: Robert Levas > Priority: Blocker > Labels: kerberos > Fix For: 2.2.2 > > Attachments: AMBARI-16009_branch-2.2_01.patch, > AMBARI-16009_trunk_01.patch > > > We had a 1600 unsecured cluster initially, from which 700 nodes were > destroyed. Though Ambari-server knew of 1600 hosts, only 900 were > heartbeating. At this point we secured the cluster and everything was good. > Then we brought back the 700 hosts, which started heartbeating with > ambari-server. > At this point we did 'Regenerate Keytabs' which failed at the 'Create > Principals' step (image attached), as it was trying to re-create principal > which is already existing with kadmin, and with ambari-server. > *Create Principals* > Stderr: > {noformat} > 2016-04-21 01:28:52,985 - Failed to create or update principal, > HTTP/host1.example....@example.com - Failed to create service principal for > HTTP/host1.example....@example.com > STDOUT: Authenticating as principal admin/admin with password. > STDERR: WARNING: no policy specified for HTTP/host1.example....@example.com; > defaulting to no policy > add_principal: Principal or policy already exists while creating > "HTTP/host1.example....@example.com". > {noformat} > Stdout: > {noformat} > 2016-04-21 01:27:32,400 - Processing identities... > 2016-04-21 01:28:29,874 - Processing principal, > HTTP/host1.example....@example.com > {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332)