[ https://issues.apache.org/jira/browse/AMBARI-17744?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15380084#comment-15380084 ]
Jayush Luniya commented on AMBARI-17744: ---------------------------------------- +1 > Enabling Kerberos on non-HDFS cluster with AMS fails > ---------------------------------------------------- > > Key: AMBARI-17744 > URL: https://issues.apache.org/jira/browse/AMBARI-17744 > Project: Ambari > Issue Type: Bug > Components: ambari-metrics > Reporter: Siddharth Wagle > Assignee: Siddharth Wagle > Priority: Critical > Fix For: 2.4.0 > > Attachments: AMBARI-17744.patch > > > Trying to enable Kerberos on an HDP 2.5 cluster with Kafka, Storm, Zookeeper, > AMS, LogSearch services. Enabling Kerberos failed on one of the hosts at > Distribute Keys step. > {code} > Traceback (most recent call last): > File > "/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py", > line 79, in <module> > KerberosClient().execute() > File > "/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py", > line 280, in execute > method(env) > File > "/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py", > line 69, in set_keytab > self.write_keytab_file() > File > "/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_common.py", > line 407, in write_keytab_file > group=group) > File "/usr/lib/python2.6/site-packages/resource_management/core/base.py", > line 155, in __init__ > self.env.run() > File > "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", > line 160, in run > self.run_action(resource, action) > File > "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", > line 124, in run_action > provider_action() > File > "/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py", > line 141, in action_create > self.resource.group, mode=self.resource.mode, > cd_access=self.resource.cd_access) > File > "/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py", > line 53, in _ensure_metadata > raise Fail("User '{0}' doesn't exist".format(user)) > resource_management.core.exceptions.Fail: User '${hadoop-env/hdfs_user}' > doesn't exist > {code} > > This seems to be because we are distributing hdfs.headless,keytab for Metrics > Collector. > {code} > { > "service": "AMBARI_METRICS", > "keytab_content_base64": > "BQIAAABKAAIAC0VYQU1QTEUuQ09NAAwke2hhZG9vcC1lbnYADmhkZnNfdXNlcn0tY2wxAAAAAVeHGtIBABEAEKnvBKMySiX9MYrs9U5DUQsAAABSAAIAC0VYQU1QTEUuQ09NAAwke2hhZG9vcC1lbnYADmhkZnNfdXNlcn0tY2wxAAAAAVeHGtIBABAAGLB6drlFdur4I+/7Fbnqc4MmueYqB4/mtQAAAEIAAgALRVhBTVBMRS5DT00ADCR7aGFkb29wLWVudgAOaGRmc191c2VyfS1jbDEAAAABV4ca0gEAAwAIPePl/pL+rY8AAABaAAIAC0VYQU1QTEUuQ09NAAwke2hhZG9vcC1lbnYADmhkZnNfdXNlcn0tY2wxAAAAAVeHGtIBABIAINULxZhJglrzXbP2E6B5WgxUbLEOwvH3SaDLRxeq5EaUAAAASgACAAtFWEFNUExFLkNPTQAMJHtoYWRvb3AtZW52AA5oZGZzX3VzZXJ9LWNsMQAAAAFXhxrSAQAXABDftzOsUQCYcK2X4eQ+Bpyk", > "keytab_file_owner_access": "r", > "hostname": "jay-hdp-3.openstacklocal", > "component": "METRICS_COLLECTOR", > "keytab_file_group_name": "hadoop", > "keytab_file_path": "/etc/security/keytabs/hdfs.headless.keytab", > "keytab_file_group_access": "r", > "keytab_file_owner_name": "${hadoop-env/hdfs_user}", > "principal": "${hadoop-env/hdfs_user}-c...@example.com" > }, > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)