What is FQDN of hosts? Tcpdump on port 88 and see what request it is going through?
Checking keytabs are current by logging in Kinit –kt temp_host.keytab yarn/[email protected]<mailto:[email protected]> What is your /etc/krb5.conf file look like? Thanks, Sam From: Micro dong <[email protected]<mailto:[email protected]>> Date: Tuesday, November 1, 2016 at 9:15 AM To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: Start job with Kerberos meet error I'm trying to configure Yarn(hadoop-2.7.2) With Kerberos。Here is my configuration file in yarn-site.xml。 <property> <name>yarn.resourcemanager.keytab</name> <value>/home/yarn/software/hadoop/etc/hadoop/conf/yarn.keytab</value> </property> <property> <name>yarn.resourcemanager.principal</name> <value>yarn/[email protected]<mailto:[email protected]></value> </property> <property> <name>yarn.nodemanager.keytab</name> <value>/home/yarn/software/hadoop/etc/hadoop/conf/yarn.keytab</value> </property> <property> <name>yarn.nodemanager.principal</name> <value>yarn/[email protected]<mailto:[email protected]></value> </property> <property> <name>yarn.nodemanager.linux-container-executor.path</name> <value>/home/yarn/software/hadoop/bin/container-executor</value> </property> <property> <name>yarn.nodemanager.container-executor.class</name> <value>org.apache.hadoop.yarn.server.nodemanager.LinuxContainerExecutor</value> </property> <property> <name>yarn.nodemanager.linux-container-executor.group</name> <value>yarn</value> </property> the keytab file is in its location, its owner is yarn. But when I try to start job, I see this message on the log: 2016-10-31 19:30:00,743 WARN org.apache.hadoop.yarn.server.nodemanager.containermanager.localizer.ResourceLocalizationService: { hdfs://tempt48:9000/home/yarn/staging/xjc/.staging/job_1477641527809_0017/job.jar, 1477913393217, PATTERN, (?:classes/|lib/).* } failed: Login failure for yarn/[email protected]<mailto:[email protected]> from keytab /home/yarn/software/hadoop/etc/hadoop/conf/yarn.keytab: javax.security.auth.login.LoginException: Unable to obtain password from user tempt48 is resourcemanager'node ,tempt57 is nodemanager's node. keytab file in tempt57 [yarn@tempt57 sbin]$ klist -kt /home/yarn/software/hadoop/etc/hadoop/conf/yarn.keytab Keytab name: FILE:/home/yarn/software/hadoop/etc/hadoop/conf/yarn.keytab KVNO Timestamp Principal ---- ----------------- -------------------------------------------------------- 2 10/31/16 17:30:06 yarn/[email protected]<mailto:[email protected]> 2 10/31/16 17:30:06 yarn/[email protected]<mailto:[email protected]> 2 10/31/16 17:30:07 yarn/[email protected]<mailto:[email protected]> 2 10/31/16 17:30:07 yarn/[email protected]<mailto:[email protected]> 2 10/31/16 17:30:07 yarn/[email protected]<mailto:[email protected]> keytab file in tempt48 [yarn@tempt48 sbin]$ klist -kt /home/yarn/software/hadoop/etc/hadoop/conf/yarn.keytab Keytab name: FILE:/home/yarn/software/hadoop/etc/hadoop/conf/yarn.keytab KVNO Timestamp Principal ---- ----------------- -------------------------------------------------------- 2 10/14/16 12:00:18 yarn/[email protected]<mailto:[email protected]> 2 10/14/16 12:00:18 yarn/[email protected]<mailto:[email protected]> 2 10/14/16 12:00:18 yarn/[email protected]<mailto:[email protected]> 2 10/14/16 12:00:19 yarn/[email protected]<mailto:[email protected]> 2 10/14/16 12:00:19 yarn/[email protected]<mailto:[email protected]> Any help would be highly appreciated. Best regards
