HA ranger KMS

0 votes

Hi Team,
I was looking into HA for ranger KMS enabled config and somewhere my env got to mess up :( New to Hadoop. Now I deleted ranger KMS on the new node and deleted it on an existing node, but DB is pointing to the same node and facing the same issue as below. Hive Metastore and CDAP are not coming up.

keytest has not been created. java.io.FileNotFoundException: http://<node>):9292/kms/v1/keys?user.name=ranger
java.io.FileNotFoundException: http://<node>)::9292/kms/v1/keys?user.name=ranger                         at org.apache.hadoop.security.authentication.client.AuthenticatedURL.extractToken(AuthenticatedURL.java:275)
    at org.apache.hadoop.security.authentication.client.PseudoAuthenticator.authenticate(PseudoAuthenticator.java:77)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.authenticate(DelegationTokenAuthenticator.java:133)
    at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:212)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.authenticate(DelegationTokenAuthenticator.java:133)
    at org.apache.hadoop.security.authentication.client.AuthenticatedURL.openConnection(AuthenticatedURL.java:216)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL.openConnection(DelegationTokenAuthenticatedURL.java:322)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider$1.run(KMSClientProvider.java:542)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider$1.run(KMSClientProvider.java:537)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAs(Subject.java:422)
    at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1869)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createConnection(KMSClientProvider.java:536)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:730)
Issue2 ::
2020-10-05 14:47:09,052 - checked_call['/usr/bin/kinit -c /var/lib/ambari-agent/tmp/curl_krb_cache/ranger_admin_calls_kms_cc_8626da51dfb17bab12e2715758b908ef778f484970010f4473be7a04 -kt /etc/security/keytabs/rangerkms.service.keytab rangerkms/data01.data.cxidev.oraclevcn.com@data.cxidev.oraclevcn.com > /dev/null'] {'user': 'kms'}
2020-10-05 14:47:09,152 - Will retry 24 time(s), caught exception: (u"Execution of '/usr/bin/kinit -c /var/lib/ambari-agent/tmp/curl_krb_cache/ranger_admin_calls_kms_cc_8626da51dfb17bab12e2715758b908ef778f484970010f4473be7a04 -kt /etc/security/keytabs/rangerkms.service.keytab rangerkms/data01.data.cxidev.oraclevcn.com@data.cxidev.oraclevcn.com > /dev/null' returned 1. kinit: Password incorrect while getting initial credentials",). Sleeping for 8 sec(s)

Kindly pour your suggestion, stuck with this issue.

Oct 15, 2020 in Big Data Hadoop by Shilpa S
 • 450 points
edited Oct 15, 2020 by MD 807 views

1 answer to this question.

0 votes

Hi@Shilpa,

If you have installed Ranger through Ambari and now need to reset the entire cluster, then there are no special steps that are necessary for uninstalling Ranger. 

answered Oct 15, 2020 by MD
 • 95,460 points

Related Questions In Big Data Hadoop

0 votes
1 answer

Adding Ranger KMS server using ambari

Hi@Shllpa, It is asking for admin credentials. Did ...READ MORE

answered Sep 28, 2020 in Big Data Hadoop by MD
 • 95,460 points 584 views
0 votes
1 answer

Ranger kms create key failed

Hi@shllpa, I have checked your file. All seems ...READ MORE

answered Oct 6, 2020 in Big Data Hadoop by MD
 • 95,460 points 1,730 views
0 votes
1 answer

Ranger kms is not coming up

Hi@Shilpa, There may be lots of reasons behind ...READ MORE

answered Oct 19, 2020 in Big Data Hadoop by MD
 • 95,460 points 1,176 views
0 votes
1 answer

Ranger Kms having multiple instance enabled.

Hi@Shllpa, First, you need to check the network ...READ MORE

answered Oct 23, 2020 in Big Data Hadoop by MD
 • 95,460 points 1,321 views
+1 vote
1 answer

Hadoop Mapreduce word count Program

Firstly you need to understand the concept ...READ MORE

answered Mar 16, 2018 in Data Analytics by nitinrawat895
 • 11,380 points 11,028 views
0 votes
1 answer

hadoop.mapred vs hadoop.mapreduce?

org.apache.hadoop.mapred is the Old API  org.apache.hadoop.mapreduce is the ...READ MORE

answered Mar 16, 2018 in Data Analytics by nitinrawat895
 • 11,380 points 2,536 views
+2 votes
11 answers

hadoop fs -put command?

Hi, You can create one directory in HDFS ...READ MORE

answered Mar 16, 2018 in Big Data Hadoop by nitinrawat895
 • 11,380 points 108,832 views
–1 vote
1 answer

Hadoop dfs -ls command?

In your case there is no difference ...READ MORE

answered Mar 16, 2018 in Big Data Hadoop by kurt_cobain
 • 9,350 points 4,612 views
0 votes
1 answer

Enable HA for ranger KMS.

Hi, If you have installed Ranger through Ambari ...READ MORE

answered Oct 15, 2020 in Big Data Hadoop by MD
 • 95,460 points 739 views
0 votes
1 answer

Validating HA for ranger KMS

Hi@Shilpa, It seems your user doesn't have the ...READ MORE

answered Nov 9, 2020 in Big Data Hadoop by MD
 • 95,460 points 996 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.