HDP 1.3 Kerberos problem

This topic contains 1 reply, has 1 voice, and was last updated by  David Haynes 1 year, 3 months ago.

  • Creator
    Topic
  • #44111

    David Haynes
    Participant

    I am installing HDP 1.3 on CentOS 6.4 servers using the Ambari installation method.
    The cluster runs fine until I move it to secure mode and then I get

    java.io.IOException: Login failure for nn/fqdn@REALM from keytab /etc/security/keytabs/nn.service.keytab

    kinit nn/fqdn@REALM -kt /etc/security/keytabs/nn.service.keytab works just fine.

    I have checked the hdfs-site.xml and there are no funny characters in the nn/_HOST@REALM entry.

    I really don’t know where to look next. Any suggestions would be appreciated.

Viewing 1 replies (of 1 total)

You must be to reply to this topic. | Create Account

  • Author
    Replies
  • #44281

    David Haynes
    Participant

    The key piece of information here was that kinit was working but HDP was not.
    The resolution was to check and set the permissions and owner:group of the keytab files correctly.
    This makes sense since kinit from the root account could read the keytab file but trying to read the keytab from another account failed.

    Collapse
Viewing 1 replies (of 1 total)
Hortonworks Data Platform
The Hortonworks Data Platform is a 100% open source distribution of Apache Hadoop that is truly enterprise grade having been built, tested and hardened with enterprise rigor.
Get started with Sandbox
Hortonworks Sandbox is a self-contained virtual machine with Apache Hadoop pre-configured alongside a set of hands-on, step-by-step Hadoop tutorials.
Modern Data Architecture
Tackle the challenges of big data. Hadoop integrates with existing EDW, RDBMS and MPP systems to deliver lower cost, higher capacity infrastructure.