[
https://issues.apache.org/jira/browse/AMBARI-20369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mugdha Varadkar updated AMBARI-20369:
-------------------------------------
Description:
For {{KNOX}} and {{RANGER_KMS}} services which supports ranger plugin, need to
have hdfs-site.xml available in there conf directory for saving ranger audits
to hdfs in namenode HA env.
Below error logs are found, if hdfs-site.xml is not available,
{noformat}
2017-03-01 18:48:50,150 ERROR provider.BaseAuditHandler
(BaseAuditHandler.java:logError(327)) - Error writing to log file.
java.lang.IllegalArgumentException: java.net.UnknownHostException: mycluster
at
org.apache.hadoop.security.SecurityUtil.buildTokenService(SecurityUtil.java:438)
at
org.apache.hadoop.hdfs.NameNodeProxies.createNonHAProxy(NameNodeProxies.java:311)
at
org.apache.hadoop.hdfs.NameNodeProxies.createProxy(NameNodeProxies.java:176)
at org.apache.hadoop.hdfs.DFSClient.<init>(DFSClient.java:690)
at org.apache.hadoop.hdfs.DFSClient.<init>(DFSClient.java:631)
at
org.apache.hadoop.hdfs.DistributedFileSystem.initialize(DistributedFileSystem.java:160)
at
org.apache.hadoop.fs.FileSystem.createFileSystem(FileSystem.java:2795)
at org.apache.hadoop.fs.FileSystem.access$200(FileSystem.java:99)
at
org.apache.hadoop.fs.FileSystem$Cache.getInternal(FileSystem.java:2829)
at org.apache.hadoop.fs.FileSystem$Cache.get(FileSystem.java:2811)
at org.apache.hadoop.fs.FileSystem.get(FileSystem.java:390)
at
org.apache.ranger.audit.destination.HDFSAuditDestination.getLogFileStream(HDFSAuditDestination.java:271)
at
org.apache.ranger.audit.destination.HDFSAuditDestination.access$000(HDFSAuditDestination.java:43)
at
org.apache.ranger.audit.destination.HDFSAuditDestination$1.run(HDFSAuditDestination.java:157)
at
org.apache.ranger.audit.destination.HDFSAuditDestination$1.run(HDFSAuditDestination.java:154)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at
org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1866)
at
org.apache.ranger.audit.provider.MiscUtil.executePrivilegedAction(MiscUtil.java:523)
at
org.apache.ranger.audit.destination.HDFSAuditDestination.logJSON(HDFSAuditDestination.java:154)
at
org.apache.ranger.audit.queue.AuditFileSpool.sendEvent(AuditFileSpool.java:880)
at
org.apache.ranger.audit.queue.AuditFileSpool.runLogAudit(AuditFileSpool.java:828)
at
org.apache.ranger.audit.queue.AuditFileSpool.run(AuditFileSpool.java:758)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.net.UnknownHostException: mycluster
... 24 more
2017-03-01 18:48:50,151 ERROR queue.AuditFileSpool
(AuditFileSpool.java:logError(710)) - Error sending logs to consumer.
provider=knox.async.multi_dest.batch,
consumer=knox.async.multi_dest.batch.hdfs{{noformat}
was:For {{KNOX}} and {{RANGER_KMS}} services which supports ranger plugin,
need to have hdfs-site for saving ranger audits to hdfs in namenode HA env if
plugin is enabled.
> Need hdfs-site for saving ranger audits to hdfs in namenode HA env
> ------------------------------------------------------------------
>
> Key: AMBARI-20369
> URL: https://issues.apache.org/jira/browse/AMBARI-20369
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.5.0
> Reporter: Mugdha Varadkar
> Assignee: Mugdha Varadkar
> Fix For: 2.5.0
>
>
> For {{KNOX}} and {{RANGER_KMS}} services which supports ranger plugin, need
> to have hdfs-site.xml available in there conf directory for saving ranger
> audits to hdfs in namenode HA env.
> Below error logs are found, if hdfs-site.xml is not available,
> {noformat}
> 2017-03-01 18:48:50,150 ERROR provider.BaseAuditHandler
> (BaseAuditHandler.java:logError(327)) - Error writing to log file.
> java.lang.IllegalArgumentException: java.net.UnknownHostException: mycluster
> at
> org.apache.hadoop.security.SecurityUtil.buildTokenService(SecurityUtil.java:438)
> at
> org.apache.hadoop.hdfs.NameNodeProxies.createNonHAProxy(NameNodeProxies.java:311)
> at
> org.apache.hadoop.hdfs.NameNodeProxies.createProxy(NameNodeProxies.java:176)
> at org.apache.hadoop.hdfs.DFSClient.<init>(DFSClient.java:690)
> at org.apache.hadoop.hdfs.DFSClient.<init>(DFSClient.java:631)
> at
> org.apache.hadoop.hdfs.DistributedFileSystem.initialize(DistributedFileSystem.java:160)
> at
> org.apache.hadoop.fs.FileSystem.createFileSystem(FileSystem.java:2795)
> at org.apache.hadoop.fs.FileSystem.access$200(FileSystem.java:99)
> at
> org.apache.hadoop.fs.FileSystem$Cache.getInternal(FileSystem.java:2829)
> at org.apache.hadoop.fs.FileSystem$Cache.get(FileSystem.java:2811)
> at org.apache.hadoop.fs.FileSystem.get(FileSystem.java:390)
> at
> org.apache.ranger.audit.destination.HDFSAuditDestination.getLogFileStream(HDFSAuditDestination.java:271)
> at
> org.apache.ranger.audit.destination.HDFSAuditDestination.access$000(HDFSAuditDestination.java:43)
> at
> org.apache.ranger.audit.destination.HDFSAuditDestination$1.run(HDFSAuditDestination.java:157)
> at
> org.apache.ranger.audit.destination.HDFSAuditDestination$1.run(HDFSAuditDestination.java:154)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.Subject.doAs(Subject.java:422)
> at
> org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1866)
> at
> org.apache.ranger.audit.provider.MiscUtil.executePrivilegedAction(MiscUtil.java:523)
> at
> org.apache.ranger.audit.destination.HDFSAuditDestination.logJSON(HDFSAuditDestination.java:154)
> at
> org.apache.ranger.audit.queue.AuditFileSpool.sendEvent(AuditFileSpool.java:880)
> at
> org.apache.ranger.audit.queue.AuditFileSpool.runLogAudit(AuditFileSpool.java:828)
> at
> org.apache.ranger.audit.queue.AuditFileSpool.run(AuditFileSpool.java:758)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: java.net.UnknownHostException: mycluster
> ... 24 more
> 2017-03-01 18:48:50,151 ERROR queue.AuditFileSpool
> (AuditFileSpool.java:logError(710)) - Error sending logs to consumer.
> provider=knox.async.multi_dest.batch,
> consumer=knox.async.multi_dest.batch.hdfs{{noformat}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
