ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jayush Luniya (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (AMBARI-9879) Storm supervisor process shuts down on secure Ambari cluster
Date Mon, 02 Mar 2015 21:02:04 GMT

     [ https://issues.apache.org/jira/browse/AMBARI-9879?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jayush Luniya updated AMBARI-9879:
----------------------------------
    Attachment: AMBARI-9879.patch

> Storm supervisor process shuts down on secure Ambari cluster
> ------------------------------------------------------------
>
>                 Key: AMBARI-9879
>                 URL: https://issues.apache.org/jira/browse/AMBARI-9879
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.0.0
>            Reporter: Jayush Luniya
>            Assignee: Jayush Luniya
>             Fix For: 2.0.0
>
>         Attachments: AMBARI-9879.patch
>
>
> The supervisor process shuts down on Ambari deployed secure cluster when topologies like
storm-hive, storm-hbase, storm-hdfs are submitted.
> {noformat}
> 2015-02-26 09:50:07 o.a.s.c.r.ExponentialBackoffRetry [WARN] maxRetries too large (60000).
Pinning to 29
> 2015-02-26 09:50:07 b.s.u.StormBoundedExponentialBackoffRetry [INFO] The baseSleepTimeMs
[2000] the maxSleepTimeMs [5] the maxRetries [60000]
> 2015-02-26 09:50:07 b.s.u.StormBoundedExponentialBackoffRetry [WARN] Misconfiguration:
the baseSleepTimeMs [2000] can't be greater than the maxSleepTimeMs [5].
> 2015-02-26 09:50:07 b.s.s.a.k.ClientCallbackHandler [WARN] Could not login: the client
is being asked for a password, but the  client code does not currently support obtaining a
password from the user. Make sure that the client is configured to use a ticket cache (using
the JAAS configuration setting 'useTicketCache=true)' and restart the client. If you still
get this message after that, the TGT in the ticket cache has expired and must be manually
refreshed. To do so, first determine if you are using a password or a keytab. If the former,
run kinit in a Unix shell in the environment of the user who is running this client using
the command 'kinit <princ>' (where <princ> is the name of the client's Kerberos
principal). If the latter, do 'kinit -k -t <keytab> <princ>' (where <princ>
is the name of the Kerberos principal, and <keytab> is the location of the keytab file).
After manually refreshing your cache, restart this client. If you continue to see this message
after manually refreshing your cache, ensure that your KDC host's clock is in sync with this
host's clock.
> 2015-02-26 09:50:07 b.s.s.a.k.KerberosSaslTransportPlugin [ERROR] Server failed to login
in principal:javax.security.auth.login.LoginException: No password provided
> javax.security.auth.login.LoginException: No password provided
> 	at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:878)
~[na:1.7.0_75]
> 	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:719)
~[na:1.7.0_75]
> 	at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:584) ~[na:1.7.0_75]
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.7.0_75]
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) ~[na:1.7.0_75]
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[na:1.7.0_75]
> 	at java.lang.reflect.Method.invoke(Method.java:606) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) ~[na:1.7.0_75]
> 	at java.security.AccessController.doPrivileged(Native Method) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:595) ~[na:1.7.0_75]
> 	at org.apache.storm.zookeeper.Login.login(Login.java:292) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at org.apache.storm.zookeeper.Login.<init>(Login.java:93) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.security.auth.kerberos.KerberosSaslTransportPlugin.connect(KerberosSaslTransportPlugin.java:105)
~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.security.auth.TBackoffConnect.doConnectWithRetry(TBackoffConnect.java:48)
[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.security.auth.ThriftClient.reconnect(ThriftClient.java:97) [storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.security.auth.ThriftClient.<init>(ThriftClient.java:66) [storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.utils.NimbusClient.<init>(NimbusClient.java:52) [storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.utils.NimbusClient.getConfiguredClient(NimbusClient.java:36) [storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.utils.Utils.downloadFromMaster(Utils.java:259) [storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.daemon.supervisor$fn__7421.invoke(supervisor.clj:563) [storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at clojure.lang.MultiFn.invoke(MultiFn.java:241) [clojure-1.5.1.jar:na]
> 	at backtype.storm.daemon.supervisor$mk_synchronize_supervisor$this__7340.invoke(supervisor.clj:449)
[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.event$event_manager$fn__2571.invoke(event.clj:40) [storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at clojure.lang.AFn.run(AFn.java:24) [clojure-1.5.1.jar:na]
> 	at java.lang.Thread.run(Thread.java:745) [na:1.7.0_75]
> 2015-02-26 09:50:07 b.s.event [ERROR] Error when processing event
> java.lang.RuntimeException: javax.security.auth.login.LoginException: No password provided
> 	at backtype.storm.security.auth.kerberos.KerberosSaslTransportPlugin.connect(KerberosSaslTransportPlugin.java:108)
~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.security.auth.TBackoffConnect.doConnectWithRetry(TBackoffConnect.java:48)
~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.security.auth.ThriftClient.reconnect(ThriftClient.java:97) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.security.auth.ThriftClient.<init>(ThriftClient.java:66) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.utils.NimbusClient.<init>(NimbusClient.java:52) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.utils.NimbusClient.getConfiguredClient(NimbusClient.java:36) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.utils.Utils.downloadFromMaster(Utils.java:259) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.daemon.supervisor$fn__7421.invoke(supervisor.clj:563) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at clojure.lang.MultiFn.invoke(MultiFn.java:241) ~[clojure-1.5.1.jar:na]
> 	at backtype.storm.daemon.supervisor$mk_synchronize_supervisor$this__7340.invoke(supervisor.clj:449)
~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.event$event_manager$fn__2571.invoke(event.clj:40) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at clojure.lang.AFn.run(AFn.java:24) [clojure-1.5.1.jar:na]
> 	at java.lang.Thread.run(Thread.java:745) [na:1.7.0_75]
> Caused by: javax.security.auth.login.LoginException: No password provided
> 	at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:878)
~[na:1.7.0_75]
> 	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:719)
~[na:1.7.0_75]
> 	at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:584) ~[na:1.7.0_75]
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.7.0_75]
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) ~[na:1.7.0_75]
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[na:1.7.0_75]
> 	at java.lang.reflect.Method.invoke(Method.java:606) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) ~[na:1.7.0_75]
> 	at java.security.AccessController.doPrivileged(Native Method) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) ~[na:1.7.0_75]
> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:595) ~[na:1.7.0_75]
> 	at org.apache.storm.zookeeper.Login.login(Login.java:292) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at org.apache.storm.zookeeper.Login.<init>(Login.java:93) ~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at backtype.storm.security.auth.kerberos.KerberosSaslTransportPlugin.connect(KerberosSaslTransportPlugin.java:105)
~[storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	... 12 common frames omitted
> 2015-02-26 09:50:07 b.s.util [ERROR] Halting process: ("Error when processing an event")
> java.lang.RuntimeException: ("Error when processing an event")
> 	at backtype.storm.util$exit_process_BANG_.doInvoke(util.clj:322) [storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at clojure.lang.RestFn.invoke(RestFn.java:423) [clojure-1.5.1.jar:na]
> 	at backtype.storm.event$event_manager$fn__2571.invoke(event.clj:48) [storm-core-0.9.3.2.2.2.0-2493.jar:0.9.3.2.2.2.0-2493]
> 	at clojure.lang.AFn.run(AFn.java:24) [clojure-1.5.1.jar:na]
> 	at java.lang.Thread.run(Thread.java:745) [na:1.7.0_75]
> 2015-02-26 09:50:07 b.s.d.supervisor [INFO] Shutting down supervisor 5054232b-13b7-4b80-ad2e-9f4d5179476a
> {noformat}
> Principal for StormClient and Client shouldn't be bound to a host it should be headless
user like storm@EXAMPLE.COM



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message