Home Forums HDP on Linux – Installation HDP 1.3 Kerberos problem

This topic contains 1 reply, has 1 voice, and was last updated by  David Haynes 4 months, 4 weeks ago.

  • Creator
    Topic
  • #44111

    David Haynes
    Participant

    I am installing HDP 1.3 on CentOS 6.4 servers using the Ambari installation method.
    The cluster runs fine until I move it to secure mode and then I get

    java.io.IOException: Login failure for nn/fqdn@REALM from keytab /etc/security/keytabs/nn.service.keytab

    kinit nn/fqdn@REALM -kt /etc/security/keytabs/nn.service.keytab works just fine.

    I have checked the hdfs-site.xml and there are no funny characters in the nn/_HOST@REALM entry.

    I really don’t know where to look next. Any suggestions would be appreciated.

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.

  • Author
    Replies
  • #44281

    David Haynes
    Participant

    The key piece of information here was that kinit was working but HDP was not.
    The resolution was to check and set the permissions and owner:group of the keytab files correctly.
    This makes sense since kinit from the root account could read the keytab file but trying to read the keytab from another account failed.

    Collapse
Viewing 1 replies (of 1 total)