ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Fernandez (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMBARI-14726) Knox Gateway start fails on HDP 2.3.4 due to wrong symlink
Date Tue, 19 Jan 2016 18:40:39 GMT
Alejandro Fernandez created AMBARI-14726:
--------------------------------------------

             Summary: Knox Gateway start fails on HDP 2.3.4 due to wrong symlink
                 Key: AMBARI-14726
                 URL: https://issues.apache.org/jira/browse/AMBARI-14726
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 2.2.1
            Reporter: Alejandro Fernandez
             Fix For: 2.2.1


Posted on the forum: https://community.hortonworks.com/questions/7750/knox-gateway-start-fail.html
by Jose Guillen

Install HDP 2.3.latest with Knox on a single host.
Immediately after install, restart Knox.
It fails with this error on both JDK 1.7 and 1.8

{code}
2016-01-15 15:37:00,440 - Execute['/usr/hdp/current/knox-server/bin/knoxcli.sh create-master
--master [PROTECTED]'] {'environment': {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_67'}, 'not_if':
"ambari-sudo.sh su knox -l -s /bin/bash -c 'test -f /var/lib/knox/data/security/master'",
'user': 'knox'}
{code}
Originates to /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/knox.py

{code}
cmd = format('{knox_client_bin} create-master --master {knox_master_secret!p}')
master_secret_exist = as_user(format('test -f {knox_master_secret_path}'), params.knox_user)
Execute(cmd,user=params.knox_user,environment={'JAVA_HOME': params.java_home},not_if=master_secret_exist,)
{knox_master_secret_path}
{code}
resolves to /var/lib/knox/data/security/master (as defined in /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py).
The problem is that the Knox master file does not exist on this location. The directory /var/lib/knox/data
does exist, but the content is empty.

Instead, the master key is located here: /usr/hdp/current/knox-server/data/security/master

In the file /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py,
I also see something with removing/setting symbolic links:

{code}
# Used to setup symlink, needed to update the knox managed symlink, in case of custom locations
if os.path.islink(params.knox_managed_pid_symlink) and os.path.realpath(params.knox_managed_pid_symlink)
!= params.knox_pid_dir:
os.unlink(params.knox_managed_pid_symlink)
os.symlink(params.knox_pid_dir, params.knox_managed_pid_symlink)
{code}
Perhaps something goes wrong with the symbolic links? (when you install HDP2.3 successfully,
but try to restart all services immediately after the installation?)

----

In any case, the following modification resolved the issue for me.. I'm not sure if it covers
everything (e.g. what will happen if you change the Knox master key via the Ambari web interface??),
but I don't have any more time to be stuck on this issue

Open /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py

Change:
{code}
knox_master_secret_path = '/var/lib/knox/data/security/master' 
knox_cert_store_path = '/var/lib/knox/data/security/keystores/gateway.jks'
{code}

to:

{code}
knox_master_secret_path = '/usr/hdp/current/knox-server/data/security/master' 
knox_cert_store_path = '/usr/hdp/current/knox-server/data/security/keystores/gateway.jks'
{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message