Hi Fay…
The REST API call to set the KDC administrator credentials is to use the
/api/v1/clusters/$CLUSTER_NAME entry point, not the
/api/v1/clusters/$CLUSTER_NAME/service entry point. So you need to make 2 API
calls – one to set the credentials and one to start the services. Ideally you
should set the cookie files for curl to ensure you use the same session – but
that may not be necessary depending on the version of Ambari you are using. To
set the cookie files for curl, use
-b <path to cookie file> -c <path to cookie file>
For example:
curl -c /tmp/cookies.txt -b /tmp/cookies.txt -k -H 'X-Requested-By:ambari' -u
admin:$ADMINPASS –i –X PUT –d @/tmp/set_credentials.json
$AMBARI_SERVER_HOST_PORT/api/v1/clusters/$CLUSTER_NAME
curl -c /tmp/cookies.txt -b /tmp/cookies.txt -k -H 'X-Requested-By:ambari' -u
admin:$ADMINPASS -i -X PUT -d '{"ServiceInfo": {"state" : "STARTED"}}'
$AMBARI_SERVER_HOST_PORT/api/v1/clusters/$CLUSTER_NAME/services
I hope this helps,
Rob
From: Fay Wang <[email protected]<mailto:[email protected]>>
Reply-To: "[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>, Fay Wang
<[email protected]<mailto:[email protected]>>
Date: Thursday, March 3, 2016 at 4:05 PM
To: "[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>
Subject: can not start service after kerberos
Hi,
We got a very weird problem and desparetely need help!
We want to start services after kerberos is enabled. The following API
failed with "Missing KDC administrator credentials":
(1) curl -k -H 'X-Requested-By:ambari' -u admin:$ADMINPASS -i -X PUT -d
'{"ServiceInfo": {"state" : "STARTED"}}'
$AMBARI_SERVER_HOST_PORT/api/v1/clusters/$CLUSTER_NAME/services
HTTP/1.1 400 Bad Request
User: admin
Set-Cookie: AMBARISESSIONID=1shytw5f5fos61st0se0xmh2di;Path=/;Secure;HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/plain
Content-Length: 460
Server: Jetty(8.1.17.v20150415)
{
"status" : 400,
"message" : "java.lang.IllegalArgumentException: Missing KDC administrator
credentials.\nThe KDC administrator credentials must be set in session by
updating the relevant Cluster resource.This may be done by issuing a PUT to the
api/v1/clusters/(cluster name) API entry point with the following payload:\n{\n
\"session_attributes\" : {\n \"kerberos_admin\" : {\"principal\" :
\"(PRINCIPAL)\", \"password\" : \"(PASSWORD)\"}\n }\n}"
(2) We then provided KDC administrator credential:
curl -k -H 'X-Requested-By:ambari' -u admin:$ADMINPASS -i -X PUT -d
@/tmp/start_services.json
$AMBARI_SERVER_HOST_PORT/api/v1/clusters/$CLUSTER_NAME/services
The content of /tmp/start_services.json is:
{
"ServiceInfo": {"state" : "STARTED"},
"session_attributes" : {
"kerberos_admin" : {
"principal" : "admin/[email protected]<mailto:admin/[email protected]>",
"password" : "P@ssw0rd"
}
}
}
It again failed with "unsupported properties":
curl: (3) [globbing] nested braces not supported at pos 17
HTTP/1.1 400 Bad Request
User: admin
Set-Cookie: AMBARISESSIONID=1hchd4u8p7xza1tsvcdh6kvj5a;Path=/;Secure;HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/plain
Content-Length: 299
Server: Jetty(8.1.17.v20150415)
{
"status" : 400,
"message" :
"org.apache.ambari.server.controller.spi.UnsupportedPropertyException: The
properties [session_attributes/kerberos_admin/principal,
session_attributes/kerberos_admin/password] specified in the request or
predicate are not supported for the resource type Service."
}
Please let us know how to make it work...
Any help is highly appreciated...
-fay
