You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, all
Our Hadoop is secured / kerberized, and I have set druid.hadoop.security.kerberos.principal and druid.hadoop.security.kerberos.keytab
The following error occurred when druid startup :
`2019-06-06T10:13:00,966 INFO [main] io.druid.storage.hdfs.HdfsStorageAuthentication - Trying to authenticate user [hdfs/hadoop.hadoop.com@HADOOP.COM] with keytab [/home/cspexpert/hdfs.keytab]..
2019-06-06T10:13:00,980 ERROR [main] io.druid.cli.CliOverlord - Error when starting up. Failing.
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_181]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
at io.druid.java.util.common.lifecycle.Lifecycle$AnnotationBasedHandler.start(Lifecycle.java:364) ~[java-util-0.10.0.jar:0.10.0]
at io.druid.java.util.common.lifecycle.Lifecycle.start(Lifecycle.java:263) ~[java-util-0.10.0.jar:0.10.0]
at io.druid.guice.LifecycleModule$2.start(LifecycleModule.java:156) ~[druid-api-0.10.0.jar:0.10.0]
at io.druid.cli.GuiceRunnable.initLifecycle(GuiceRunnable.java:102) [druid-services-0.10.1-SNAPSHOT.jar:0.10.1-SNAPSHOT]
at io.druid.cli.ServerRunnable.run(ServerRunnable.java:41) [druid-services-0.10.1-SNAPSHOT.jar:0.10.1-SNAPSHOT]
at io.druid.cli.Main.main(Main.java:108) [druid-services-0.10.1-SNAPSHOT.jar:0.10.1-SNAPSHOT]
Caused by: io.druid.java.util.common.ISE: Failed to authenticate user principal [hdfs/hadoop.hadoop.com@HADOOP.COM] with keytab [/home/cspexpert/hdfs.keytab]
at io.druid.storage.hdfs.HdfsStorageAuthentication.authenticate(HdfsStorageAuthentication.java:71) ~[?:?]
... 10 more
Caused by: java.io.IOException: Login failure for hdfs/hadoop.hadoop.com@HADOOP.COM from keytab /home/cspexpert/hdfs.keytab
at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:890) ~[?:?]
at io.druid.storage.hdfs.HdfsStorageAuthentication.authenticate(HdfsStorageAuthentication.java:67) ~[?:?]
... 10 more
Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user
at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:897) ~[?:1.8.0_181]
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:760) ~[?:1.8.0_181]
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617) ~[?:1.8.0_181]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_181]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) ~[?:1.8.0_181]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) ~[?:1.8.0_181]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) ~[?:1.8.0_181]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) ~[?:1.8.0_181]
at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_181]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) ~[?:1.8.0_181]
at javax.security.auth.login.LoginContext.login(LoginContext.java:587) ~[?:1.8.0_181]
at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:881) ~[?:?]
at io.druid.storage.hdfs.HdfsStorageAuthentication.authenticate(HdfsStorageAuthentication.java:67) ~[?:?]
... 10 more
`
hadoop version 2.7.3 druid version 0.10.0
Have someone can help or tell me solution.
Thanks
The text was updated successfully, but these errors were encountered:
@h00173922 Unable to obtain password from user is generally thrown from Java Kerberos classes and happens when it cannot use the keytab successfully (typically when it has no access to the keytab file or the file doesn't exist). When that happens, it will fallback to a prompt asking for password and this would almost always timeout and fail with that error message.
So you should probably check if the keytab is accessible by the user running the druid process.
This issue has been marked as stale due to 280 days of inactivity. It will be closed in 4 weeks if no further activity occurs. If this issue is still relevant, please simply write any comment. Even if closed, you can still revive the issue at any time or discuss it on the dev@druid.apache.org list. Thank you for your contributions.
This issue has been closed due to lack of activity. If you think that is incorrect, or the issue requires additional review, you can revive the issue at any time.
Hi, all
Our Hadoop is secured / kerberized, and I have set druid.hadoop.security.kerberos.principal and druid.hadoop.security.kerberos.keytab
The following error occurred when druid startup :
`2019-06-06T10:13:00,966 INFO [main] io.druid.storage.hdfs.HdfsStorageAuthentication - Trying to authenticate user [hdfs/hadoop.hadoop.com@HADOOP.COM] with keytab [/home/cspexpert/hdfs.keytab]..
2019-06-06T10:13:00,980 ERROR [main] io.druid.cli.CliOverlord - Error when starting up. Failing.
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_181]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
at io.druid.java.util.common.lifecycle.Lifecycle$AnnotationBasedHandler.start(Lifecycle.java:364) ~[java-util-0.10.0.jar:0.10.0]
at io.druid.java.util.common.lifecycle.Lifecycle.start(Lifecycle.java:263) ~[java-util-0.10.0.jar:0.10.0]
at io.druid.guice.LifecycleModule$2.start(LifecycleModule.java:156) ~[druid-api-0.10.0.jar:0.10.0]
at io.druid.cli.GuiceRunnable.initLifecycle(GuiceRunnable.java:102) [druid-services-0.10.1-SNAPSHOT.jar:0.10.1-SNAPSHOT]
at io.druid.cli.ServerRunnable.run(ServerRunnable.java:41) [druid-services-0.10.1-SNAPSHOT.jar:0.10.1-SNAPSHOT]
at io.druid.cli.Main.main(Main.java:108) [druid-services-0.10.1-SNAPSHOT.jar:0.10.1-SNAPSHOT]
Caused by: io.druid.java.util.common.ISE: Failed to authenticate user principal [hdfs/hadoop.hadoop.com@HADOOP.COM] with keytab [/home/cspexpert/hdfs.keytab]
at io.druid.storage.hdfs.HdfsStorageAuthentication.authenticate(HdfsStorageAuthentication.java:71) ~[?:?]
... 10 more
Caused by: java.io.IOException: Login failure for hdfs/hadoop.hadoop.com@HADOOP.COM from keytab /home/cspexpert/hdfs.keytab
at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:890) ~[?:?]
at io.druid.storage.hdfs.HdfsStorageAuthentication.authenticate(HdfsStorageAuthentication.java:67) ~[?:?]
... 10 more
Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user
`
hadoop version 2.7.3 druid version 0.10.0
Have someone can help or tell me solution.
Thanks
The text was updated successfully, but these errors were encountered: