问题描述
我被 oozie 和 kerberos 集成阻止了。
我的操作步骤如下(千万不要用root运行任何命令):
-
通过 CM 6.3.1 安装 CdH 6.3.2 -- 好的
-
在没有 Kerberos 集成的情况下测试每个组件
I can't log on as root user but can do "sudo" without password Each test is under proper account. Eg. Use "sudo -uyarn yarn ..." to test YARN HDFS HA -- OK YARN HA -- OK Hive HA -- OK Spark -- OK Oozie -- OK HUE -- OK -
集成 Kerberos 和 CdH
Use CM to complete this operation -- OK Each principal and keytab are also generated automatically -
使用 Kerberos 测试 CdH
find hive.keytab on hiveserver2 node copy the hive.keytab to appuser home directory kinit -kt hive.keytab hive/host password... Then I can use beeline to run hive sql correctly Also I can run other command correctly,such as "hdfs dfs -ls /" -
Oozie 出了点问题
I find oozie.keytab on oozie server copy the keytab to appuser home directory kdestroy kinit -kt oozie.keytab oozie/host Get into the oozie job directory Run the oozie command: oozie job -oozie http://oozieServer:11000/oozie -config job.properties -run This oozie job is OK in non-Kerberos environment nothing is changed in job.properties or workflow.xml But it can work Now. I get the error messages as follows:
java.lang.IllegalArgumentException: Does not contain a valid host:port authority: yarnRM
at org.apache.hadoop.net.NetUtils.createSocketAddr(NetUtils.java:213)
at org.apache.hadoop.net.NetUtils.createSocketAddr(NetUtils.java:164)
at org.apache.hadoop.net.NetUtils.createSocketAddr(NetUtils.java:153)
at org.apache.oozie.action.hadoop.HadoopTokenHelper.getServerPrincipal(HadoopTokenHelper.java:73)
at org.apache.oozie.action.hadoop.HadoopTokenHelper.getServerPrincipal(HadoopTokenHelper.java:51)
at org.apache.oozie.action.hadoop.YarnRMCredentials.updateCredentials(YarnRMCredentials.java:55)
at org.apache.oozie.action.hadoop.JavaActionExecutor.setCredentialTokens(JavaActionExecutor.java:1503)
at org.apache.oozie.action.hadoop.JavaActionExecutor.submitLauncher(JavaActionExecutor.java:1053)
at org.apache.oozie.action.hadoop.JavaActionExecutor.start(JavaActionExecutor.java:1601)
at org.apache.oozie.command.wf.ActionStartXCommand.execute(ActionStartXCommand.java:243)
at org.apache.oozie.command.wf.ActionStartXCommand.execute(ActionStartXCommand.java:68)
at org.apache.oozie.command.XCommand.call(XCommand.java:291)
at org.apache.oozie.service.CallableQueueService$CompositeCallable.call(CallableQueueService.java:363)
at org.apache.oozie.service.CallableQueueService$CompositeCallable.call(CallableQueueService.java:292)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at org.apache.oozie.service.CallableQueueService$CallableWrapper.run(CallableQueueService.java:210)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
job.properties 是:
nameNode=hdfs://nameservice1
resourceManager=yarnRM
queueName=root.users.testq
appRoot=simple-mr
oozie.wf.application.path=${nameNode}/oozie-test/${appRoot}/single-wordcount/workflow.xml
workflow.xml 如下:
<workflow-app xmlns="uri:oozie:workflow:1.0" name="simple-wordcount">
<start to="mr-node"/>
<action name="mr-node">
<map-reduce>
<resource-manager>${resourceManager}</resource-manager>
<name-node>${nameNode}</name-node>
<prepare>
<delete path="${nameNode}/oozie-test/${appRoot}/single-wordcount/output"/>
</prepare>
<configuration>
<property>
<name>mapred.job.queue.name</name>
<value>${queueName}</value>
</property>
<!--New API-->
<property>
<name>mapred.mapper.new-api</name>
<value>true</value>
</property>
<property>
<name>mapred.reducer.new-api</name>
<value>true</value>
</property>
<!--mapper class-->
<property>
<name>mapreduce.job.map.class</name>
<value>com.william.oozie.mr.test.TokenizerMapper</value>
</property>
<property>
<name>mapreduce.map.output.key.class</name>
<value>org.apache.hadoop.io.Text</value>
</property>
<property>
<name>mapreduce.map.output.value.class</name>
<value>org.apache.hadoop.io.IntWritable</value>
</property>
<!--reducer class-->
<property>
<name>mapreduce.job.reduce.class</name>
<value>com.william.oozie.mr.test.IntSumReducer</value>
</property>
<property>
<name>mapreduce.job.output.key.class</name>
<value>org.apache.hadoop.io.Text</value>
</property>
<property>
<name>mapreduce.job.output.value.class</name>
<value>org.apache.hadoop.io.IntWritable</value>
</property>
<!--INPUT-->
<property>
<name>mapreduce.input.fileinputformat.inputdir</name>
<value>${nameNode}/test-with-auth/test-file</value>
</property>
<!--OUTPUT-->
<property>
<name>mapreduce.output.fileoutputformat.outputdir</name>
<value>${nameNode}/oozie-test/${appRoot}/single-wordcount/output</value>
</property>
</configuration>
</map-reduce>
<ok to="end"/>
<error to="fail"/>
</action>
<kill name="fail">
<message>Map/Reduce Failed,error message[${wf:errorMessage(wf:lastErrorNode())}]
</message>
</kill>
<end name="end"/>
</workflow-app>
我确实使用 YARN HA,“yarn.resourcemanager.cluster-id”是“yarnRM”
job.properties 和 workflow.xml 在非 Kerberos 环境中运行良好,但在 Kerberos 环境中无法运行。
我不知道该怎么办。
请帮帮我。
非常感谢!
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)