Enable HA for ranger KMS

0 votes

Hi Team,

I try to enable HA for ranger KMS and now my Hadoop cluster i.e hive Metastore and CDAP components are not coming up. I tried to delete ranger km on one node and installed one another but pointing to the same DB, ranger KMS is up. somehow facing the below error.

keytest has not been created. java.io.FileNotFoundException: http://<node>):9292/kms/v1/keys?user.name=ranger
java.io.FileNotFoundException:  http://<node>)::9292/kms/v1/keys?user.name=ranger
    at org.apache.hadoop.security.authentication.client.AuthenticatedURL.extractToken(AuthenticatedURL.java:275)
    at org.apache.hadoop.security.authentication.client.PseudoAuthenticator.authenticate(PseudoAuthenticator.java:77)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.authenticate(DelegationTokenAuthenticator.java:133)
    at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:212)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.authenticate(DelegationTokenAuthenticator.java:133)
    at org.apache.hadoop.security.authentication.client.AuthenticatedURL.openConnection(AuthenticatedURL.java:216)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL.openConnection(DelegationTokenAuthenticatedURL.java:322)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider$1.run(KMSClientProvider.java:542)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider$1.run(KMSClientProvider.java:537)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAs(Subject.java:422)
    at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1869)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createConnection(KMSClientProvider.java:536)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:730)
Tried to do kereberos principal .
2020-10-05 14:47:09,152 - Will retry 24 time(s), caught exception: (u"Execution of '/usr/bin/kinit -c /var/lib/ambari-agent/tmp/curl_krb_cache/ranger_admin_calls_kms_cc_8626da51dfb17bab12e2715758b908ef778f484970010f4473be7a04 -kt /etc/security/keytabs/rangerkms.service.keytab rangerkms/data01.data.cxidev.oraclevcn.com@data.cxidev.oraclevcn.com > /dev/null' returned 1. kinit: Password incorrect while getting initial credentials",). Sleeping for 8 sec(s)

Please try to help me to refresh the environment. How can I make hive Metastore and ranger kms up without uninstalling hdp components? Please pour ur suggestion new to Amabri UI and HDP components.

Oct 14, 2020 in Big Data Hadoop by anonymous
• 450 points

edited Oct 15, 2020 by MD 66 views

1 answer to this question.

0 votes

Hi,

If you have installed Ranger through Ambari and now need to reset the entire cluster, then there are no special steps that are necessary for uninstalling Ranger. You will get more detailed information from the below-given link.

https://www.ibm.com/support/knowledgecenter/en/SSPT3X_4.2.0/com.ibm.swg.im.infosphere.biginsights.install.doc/doc/bi_install_ranger_uninstall.html

answered Oct 15, 2020 by MD
• 95,040 points

Related Questions In Big Data Hadoop

0 votes
0 answers

Enable HA for mapreduce jobhistory server

Hi Team, From past few days I am ...READ MORE

Sep 23, 2020 in Big Data Hadoop by Shilpa S
• 450 points
103 views
0 votes
1 answer

How to enable impersonation in Hue for Impala?

In the Hue configuration file, search for ...READ MORE

answered May 24, 2019 in Big Data Hadoop by Jimmy
509 views
0 votes
1 answer

Configurations to enable impersonation for Hbase thrift servers

The default configuration suggested in the official ...READ MORE

answered May 27, 2019 in Big Data Hadoop by Khan
302 views
0 votes
1 answer

HiveServer2: Enable LDAP Authentication for managed clusters

Follow the below mentioned steps to enable ...READ MORE

answered Jun 3, 2019 in Big Data Hadoop by Karan
102 views
+1 vote
1 answer

Hadoop Mapreduce word count Program

Firstly you need to understand the concept ...READ MORE

answered Mar 16, 2018 in Data Analytics by nitinrawat895
• 11,380 points
6,870 views
0 votes
1 answer

hadoop.mapred vs hadoop.mapreduce?

org.apache.hadoop.mapred is the Old API  org.apache.hadoop.mapreduce is the ...READ MORE

answered Mar 16, 2018 in Data Analytics by nitinrawat895
• 11,380 points
1,104 views
+2 votes
11 answers

hadoop fs -put command?

Hi, You can create one directory in HDFS ...READ MORE

answered Mar 16, 2018 in Big Data Hadoop by nitinrawat895
• 11,380 points
48,550 views
–1 vote
1 answer

Hadoop dfs -ls command?

In your case there is no difference ...READ MORE

answered Mar 16, 2018 in Big Data Hadoop by kurt_cobain
• 9,390 points
2,609 views
0 votes
1 answer

Validating HA for ranger KMS

Hi@Shilpa, It seems your user doesn't have the ...READ MORE

answered Nov 9, 2020 in Big Data Hadoop by MD
• 95,040 points
79 views
0 votes
1 answer

HA ranger KMS ,

Hi@Shilpa, If you have installed Ranger through Ambari ...READ MORE

answered Oct 15, 2020 in Big Data Hadoop by MD
• 95,040 points
70 views