HA ranger KMS

0 votes

Hi Team,
I was looking into HA for ranger KMS enabled config and somewhere my env got to mess up :( New to Hadoop. Now I deleted ranger KMS on the new node and deleted it on an existing node, but DB is pointing to the same node and facing the same issue as below. Hive Metastore and CDAP are not coming up.

keytest has not been created. java.io.FileNotFoundException: http://<node>):9292/kms/v1/keys?user.name=ranger
java.io.FileNotFoundException: http://<node>)::9292/kms/v1/keys?user.name=ranger                         at org.apache.hadoop.security.authentication.client.AuthenticatedURL.extractToken(AuthenticatedURL.java:275)
    at org.apache.hadoop.security.authentication.client.PseudoAuthenticator.authenticate(PseudoAuthenticator.java:77)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.authenticate(DelegationTokenAuthenticator.java:133)
    at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:212)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.authenticate(DelegationTokenAuthenticator.java:133)
    at org.apache.hadoop.security.authentication.client.AuthenticatedURL.openConnection(AuthenticatedURL.java:216)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL.openConnection(DelegationTokenAuthenticatedURL.java:322)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider$1.run(KMSClientProvider.java:542)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider$1.run(KMSClientProvider.java:537)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAs(Subject.java:422)
    at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1869)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createConnection(KMSClientProvider.java:536)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:730)
Issue2 ::
2020-10-05 14:47:09,052 - checked_call['/usr/bin/kinit -c /var/lib/ambari-agent/tmp/curl_krb_cache/ranger_admin_calls_kms_cc_8626da51dfb17bab12e2715758b908ef778f484970010f4473be7a04 -kt /etc/security/keytabs/rangerkms.service.keytab rangerkms/data01.data.cxidev.oraclevcn.com@data.cxidev.oraclevcn.com > /dev/null'] {'user': 'kms'}
2020-10-05 14:47:09,152 - Will retry 24 time(s), caught exception: (u"Execution of '/usr/bin/kinit -c /var/lib/ambari-agent/tmp/curl_krb_cache/ranger_admin_calls_kms_cc_8626da51dfb17bab12e2715758b908ef778f484970010f4473be7a04 -kt /etc/security/keytabs/rangerkms.service.keytab rangerkms/data01.data.cxidev.oraclevcn.com@data.cxidev.oraclevcn.com > /dev/null' returned 1. kinit: Password incorrect while getting initial credentials",). Sleeping for 8 sec(s)

Kindly pour your suggestion, stuck with this issue.

Oct 14, 2020 in Big Data Hadoop by Shilpa S
• 450 points

edited Oct 15, 2020 by MD 70 views

1 answer to this question.

0 votes

Hi@Shilpa,

If you have installed Ranger through Ambari and now need to reset the entire cluster, then there are no special steps that are necessary for uninstalling Ranger. You will get more detailed information from the below-given link.

https://www.ibm.com/support/knowledgecenter/en/SSPT3X_4.2.0/com.ibm.swg.im.infosphere.biginsights.install.doc/doc/bi_install_ranger_uninstall.html

answered Oct 15, 2020 by MD
• 95,040 points

Related Questions In Big Data Hadoop

0 votes
1 answer

Adding Ranger KMS server using ambari

Hi@Shllpa, It is asking for admin credentials. Did ...READ MORE

answered Sep 28, 2020 in Big Data Hadoop by MD
• 95,040 points
70 views
0 votes
1 answer

Ranger kms create key failed

Hi@shllpa, I have checked your file. All seems ...READ MORE

answered Oct 6, 2020 in Big Data Hadoop by MD
• 95,040 points
186 views
0 votes
1 answer

Ranger kms is not coming up

Hi@Shilpa, There may be lots of reasons behind ...READ MORE

answered Oct 19, 2020 in Big Data Hadoop by MD
• 95,040 points
155 views
0 votes
1 answer

Ranger Kms having multiple instance enabled.

Hi@Shllpa, First, you need to check the network ...READ MORE

answered Oct 23, 2020 in Big Data Hadoop by MD
• 95,040 points
118 views
+1 vote
1 answer

Hadoop Mapreduce word count Program

Firstly you need to understand the concept ...READ MORE

answered Mar 16, 2018 in Data Analytics by nitinrawat895
• 11,380 points
6,870 views
0 votes
1 answer

hadoop.mapred vs hadoop.mapreduce?

org.apache.hadoop.mapred is the Old API  org.apache.hadoop.mapreduce is the ...READ MORE

answered Mar 16, 2018 in Data Analytics by nitinrawat895
• 11,380 points
1,104 views
+2 votes
11 answers

hadoop fs -put command?

Hi, You can create one directory in HDFS ...READ MORE

answered Mar 16, 2018 in Big Data Hadoop by nitinrawat895
• 11,380 points
48,551 views
–1 vote
1 answer

Hadoop dfs -ls command?

In your case there is no difference ...READ MORE

answered Mar 16, 2018 in Big Data Hadoop by kurt_cobain
• 9,390 points
2,609 views
0 votes
1 answer

Enable HA for ranger KMS.

Hi, If you have installed Ranger through Ambari ...READ MORE

answered Oct 15, 2020 in Big Data Hadoop by MD
• 95,040 points
66 views
0 votes
1 answer

Validating HA for ranger KMS

Hi@Shilpa, It seems your user doesn't have the ...READ MORE

answered Nov 9, 2020 in Big Data Hadoop by MD
• 95,040 points
79 views