0
我正在嘗試通過直線獲取hiveserver2以與kerberized HDP 2.3羣集一起工作。我在亞馬遜ec2。Kerberized Hadoop Hive直線訪問問題
一旦我得到一種可再生的票,我能夠執行HDFS操作也推出先生的工作..
即使蜂巢CLI無法通過蜂巢服務器2 ..那工作以及..
當我嘗試通過直線連接..我得到一個錯誤周圍沒有找到tgt ..當我實際上它是beuuching直線命令
我得到票作爲我自己的用戶..但我使用配置單元/ @爲主..
只爲t esting我試圖用自己的蜂巢密鑰表取票以及..沒有工作..
很多文章只是建議發動直線前續訂令牌..沒有工作
一篇文章建議使用不同的主體和密鑰表爲蜂巢metastore ...
的建議
這裏是在/ etc/krb5的SASL啓用沒有工作。 CONF:
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = ABC.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 30m
renew_lifetime = 10h
forwardable = true
udp_preference_limit = 1
[realms]
ABC.COM = {
kdc = localhost
admin_server = localhost
default_principal_flags = +renewable
max_renewable_life = 7d 0h 0m 0s
}
[domain_realm]
.abc.com = ABC.COM
abc.com = ABC.COM
TicketDetails:
$ klist -f
Ticket cache: FILE:/tmp/krb5cc_500
Default principal: [email protected]
Valid starting Expires Service principal
10/17/15 13:40:26 10/17/15 14:10:26 krbtgt/[email protected]
renew until 10/17/15 23:04:27, Flags: FRIT
$ date
Sat Oct 17 13:41:02 EDT 2015
的直線連接字符串:
!connect jdbc:hive2://<hive_host>:10000/default;principal=hive/ip-<hive_host>.ec2.internal[email protected]
爲蜂巢服務器2 netstat的輸出:
$ sudo netstat -tunlp | grep 10000
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 11272/java
我曾試圖結合它到私人IP以及..相同結果..
全STRACK從直線
Error: Could not open client transport with JDBC Uri: jdbc:hive2://<hive_host>:10000/default;principal=hive/ip-<hive_host>[email protected]: GSS initiate failed (state=08S01,code=0)
0: jdbc:hive2://<hive_host>:10000/default (closed)> 15/10/17 13:06:14 [main]: ERROR transport.TSaslTransport: SASL negotiation failure
javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]
at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:212)
at org.apache.thrift.transport.TSaslClientTransport.handleSaslStartMessage(TSaslClientTransport.java:94)
at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:271)
at org.apache.thrift.transport.TSaslClientTransport.open(TSaslClientTransport.java:37)
at org.apache.hadoop.hive.thrift.client.TUGIAssumingTransport$1.run(TUGIAssumingTransport.java:52)
at org.apache.hadoop.hive.thrift.client.TUGIAssumingTransport$1.run(TUGIAssumingTransport.java:49)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:415)
at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1657)
at org.apache.hadoop.hive.thrift.client.TUGIAssumingTransport.open(TUGIAssumingTransport.java:49)
at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:210)
at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:180)
at org.apache.hive.jdbc.HiveDriver.connect(HiveDriver.java:105)
at java.sql.DriverManager.getConnection(DriverManager.java:571)
at java.sql.DriverManager.getConnection(DriverManager.java:187)
at org.apache.hive.beeline.DatabaseConnection.connect(DatabaseConnection.java:142)
at org.apache.hive.beeline.DatabaseConnection.getConnection(DatabaseConnection.java:207)
對我缺少的是什麼任何建議痕跡?
的KMS是遊俠KMS