Question

Hi Team,

I try to enable HA for ranger KMS and now my Hadoop cluster i.e hive Metastore and CDAP components are not coming up. I tried to delete ranger km on one node and installed one another but pointing to the same DB, ranger KMS is up. somehow facing the below error.

keytest has not been created. java.io.FileNotFoundException: http://<node>):9292/kms/v1/keys?user.name=ranger
java.io.FileNotFoundException:  http://<node>)::9292/kms/v1/keys?user.name=ranger
    at org.apache.hadoop.security.authentication.client.AuthenticatedURL.extractToken(AuthenticatedURL.java:275)
    at org.apache.hadoop.security.authentication.client.PseudoAuthenticator.authenticate(PseudoAuthenticator.java:77)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.authenticate(DelegationTokenAuthenticator.java:133)
    at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:212)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.authenticate(DelegationTokenAuthenticator.java:133)
    at org.apache.hadoop.security.authentication.client.AuthenticatedURL.openConnection(AuthenticatedURL.java:216)
    at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL.openConnection(DelegationTokenAuthenticatedURL.java:322)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider$1.run(KMSClientProvider.java:542)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider$1.run(KMSClientProvider.java:537)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAs(Subject.java:422)
    at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1869)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createConnection(KMSClientProvider.java:536)
    at org.apache.hadoop.crypto.key.kms.KMSClientProvider.createKeyInternal(KMSClientProvider.java:730)
Tried to do kereberos principal .
2020-10-05 14:47:09,152 - Will retry 24 time(s), caught exception: (u"Execution of '/usr/bin/kinit -c /var/lib/ambari-agent/tmp/curl_krb_cache/ranger_admin_calls_kms_cc_8626da51dfb17bab12e2715758b908ef778f484970010f4473be7a04 -kt /etc/security/keytabs/rangerkms.service.keytab rangerkms/data01.data.cxidev.oraclevcn.com@data.cxidev.oraclevcn.com > /dev/null' returned 1. kinit: Password incorrect while getting initial credentials",). Sleeping for 8 sec(s)

Please try to help me to refresh the environment. How can I make hive Metastore and ranger kms up without uninstalling hdp components? Please pour ur suggestion new to Amabri UI and HDP components.

Answer 1

Hi,

If you have installed Ranger through Ambari and now need to reset the entire cluster, then there are no special steps that are necessary for uninstalling Ranger.