Return-Path: X-Original-To: apmail-ambari-dev-archive@www.apache.org Delivered-To: apmail-ambari-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9C04D1036B for ; Wed, 4 Mar 2015 19:28:38 +0000 (UTC) Received: (qmail 83239 invoked by uid 500); 4 Mar 2015 19:28:38 -0000 Delivered-To: apmail-ambari-dev-archive@ambari.apache.org Received: (qmail 83205 invoked by uid 500); 4 Mar 2015 19:28:38 -0000 Mailing-List: contact dev-help@ambari.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ambari.apache.org Delivered-To: mailing list dev@ambari.apache.org Received: (qmail 83178 invoked by uid 99); 4 Mar 2015 19:28:38 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Mar 2015 19:28:38 +0000 Date: Wed, 4 Mar 2015 19:28:38 +0000 (UTC) From: "Robert Levas (JIRA)" To: dev@ambari.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (AMBARI-9917) Kerberos: Add Host did not generate keytabs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/AMBARI-9917?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Levas updated AMBARI-9917: --------------------------------- Attachment: (was: AMBARI-9917_trunk_01.patch) > Kerberos: Add Host did not generate keytabs > ------------------------------------------- > > Key: AMBARI-9917 > URL: https://issues.apache.org/jira/browse/AMBARI-9917 > Project: Ambari > Issue Type: Bug > Components: ambari-server > Affects Versions: 2.0.0 > Reporter: Robert Levas > Assignee: Robert Levas > Priority: Critical > Labels: kerberos > Fix For: 2.0.0 > > Attachments: AMBARI-9917_branch-2.0.0_01.patch, AMBARI-9917_trunk_01.patch > > > 1) using build 440 > 2) three node cluster, hdfs, yarn, mr, tez, hive, zk, pig, ams > 3) setup nnha, rmha > 4) enabled kerb > 5) all is good > 6) added second hive metastore > 7) added second hiveserver2 > 8) all is good > 9) added host with DN and clients > 10) keytabs are not created on the new host. i was not prompted for kdc creds. basically, i did 1-9 all in one shot, never logging out. > As a workaround #1: > - Attempted to regen keytabs, with "missing only" checkbox checked. it looks like it remade all principals and keytabs for the cluster but didn't distribute the keytabs. That is concerning that this might be an additional issue for another JIRA maybe. Anycase: didn't result in getting keytabs on my new host. > As a workaround #2: > - Attempted regen keytabs all. Made all princs and keytabs and distributed for cluster hosts except my new host. So no lock here either. -- This message was sent by Atlassian JIRA (v6.3.4#6332)