Question

Hi Team,

While enabling HA for the Ranger KMS, I got to mess up with Kerberos. I do admit that I am new to Hadoop and Kerberos. However, I cleaned up by following below steps:

1)Stop and delete both ranger admin, Rangerkms service. through Ambari.

2) drop DB and user.

To start ranger KMS:

  1. Add service, add the user. Now my DB shows as

mysql> show databases
    -> ;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| ambari             |
| hive               |
| mysql              |
| performance_schema |
| ranger             |
| rangerkms          |
+--------------------+
7 rows in set (0.00 sec)

mysql> select user, host from mysql.user;                                                                                                                                               +-------------+----------------------------------+
| user        | host                             |
+-------------+----------------------------------+

3.But still my ranger KMS is failing.

  I have another node where Kerberos installed

   2 10/16/2020 10:53:07 rangerkms@<datanodes>

4. I tried to add tickets by executing this command

kinit -kt /etc/security/keytabs/rangerkms.service.keytab rangerkms/data01.@data.<domain>.com

kinit: Keytab contains no suitable keys for  rangerkms/data01.@data.<domain>.com while getting initial credentials

WHich step I am going wrong ...

In ranger below is the error

keytabs/rangerkms.service.keytab rangerkms/data01@<domain> > /dev/null' returned 1. kinit: Client '
rangerkms/data01@<domain> 
' not found in Kerberos database while getting initial credentials"

Please pour suggestion.

Answer 1

Hi@Shilpa,

There may be lots of reasons behind this error. You need to troubleshoot in multiple ways. First, check if all the services are in a running state or not. you can also restart all the Kerberos services. Also, destroy Kerberos credentials and recreate it.

Comments

Thank you, yes your right hivemetastore is also not coming up ..:(