phoenix-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mallieswari Dineshbabu <dmalliesw...@gmail.com>
Subject Re: Cannot connect phoenix client in kerberos cluster
Date Fri, 06 Oct 2017 09:28:16 GMT
Hi rafa,
I have this Kernel32 error in normal hadoop cluster also but i can
successfully to connected with the query server using sqlline-thin.py. In
kerberos cluster the ,I getting following error.
java.lang.RuntimeException: Failed to execute HTTP Request, got HTTP/404
at
org.apache.calcite.avatica.remote.AvaticaCommonsHttpClientSpnegoImpl.send(AvaticaCommonsHttpClientSpnegoImpl.java:148)
at
org.apache.calcite.avatica.remote.DoAsAvaticaHttpClient$1.run(DoAsAvaticaHttpClient.java:40)
at
org.apache.calcite.avatica.remote.DoAsAvaticaHttpClient$1.run(DoAsAvaticaHttpClient.java:38)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:360)
at
org.apache.calcite.avatica.remote.DoAsAvaticaHttpClient.send(DoAsAvaticaHttpClient.java:38)
at
org.apache.calcite.avatica.remote.RemoteProtobufService._apply(RemoteProtobufService.java:45)
at
org.apache.calcite.avatica.remote.ProtobufService.apply(ProtobufService.java:81)
at org.apache.calcite.avatica.remote.Driver.connect(Driver.java:176)
at java.sql.DriverManager.getConnection(DriverManager.java:664)
at java.sql.DriverManager.getConnection(DriverManager.java:270)
at multiaccess.Jobs.PhoenixJava(Jobs.java:69)
at multiaccess.Jobs.executeQueries(Jobs.java:39)
at multiaccess.MultiAccess$1.call(MultiAccess.java:61)
at multiaccess.MultiAccess$1.call(MultiAccess.java:56)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)

Note: Phoenix Package Version- 4.11.0-Hbase-1.2
Hbase Version- 4.2.5
Hadoop version- 2.7.2


Please help me to connect with query server through sqlline-thin client

Regards,
Mallieswari D

On Thu, Oct 5, 2017 at 7:01 PM, rafa <rafa13@gmail.com> wrote:

> Hi,
>
> The method 1 should work as far as the query server connects to the
> cluster successfully with the configured keytab. It seems a classpath
> problem on client side:
>
> [ERROR] Terminal initialization failed; falling back to unsupported
>
> java.lang.NoClassDefFoundError: Could not initialize class
> org.apache.phoenix.sh
> aded.org.fusesource.jansi.internal.Kernel32
>
> I have no exprience with windows. Seems that there is need for jline in
> the classpath
>
> https://jline.github.io/
>
> check this:
>
> https://issues.apache.org/jira/browse/HIVE-13824
>
> regards
>
>
> On Thu, Oct 5, 2017 at 2:29 PM, Mallieswari Dineshbabu <
> dmallieswari@gmail.com> wrote:
>
>> Yes, It is installed in all the JVMs. Any other solution.
>>
>>
>> On Wed, Oct 4, 2017 at 5:30 PM, rafa <rafa13@gmail.com> wrote:
>>
>>> Hi Mallieswari,
>>>
>>> Perhaps the Java Cryptography Extension (JCE) Unlimited Strength
>>> Jurisdiction Policy Files are not installed in all the JVMs ?
>>>
>>> Regards,
>>> rafa
>>>
>>> On Wed, Oct 4, 2017 at 1:18 PM, Mallieswari Dineshbabu <
>>> dmallieswari@gmail.com> wrote:
>>>
>>>> Hi ,
>>>>
>>>>
>>>>
>>>> I have configured a phoenix package "apache-phoenix-4.11.0-HBase-1.2-bin"
>>>> to Hbase version "1.2.5" in kerberos cluster.
>>>>
>>>>
>>>>
>>>> For phoenix secure cluster configuration, I have added the following
>>>> properties into the *hbase-site.xml* present in *phoenix/bin* along
>>>> with the properties of hbase configuration properties present in hbase/conf
>>>> path and refer the *core-site.xml*, *hdfs-site.xml* file in
>>>> phoenix/bin path
>>>>
>>>>
>>>>
>>>> phoenix.queryserver.keytab.file
>>>>
>>>> The key to look for keytab file.
>>>>
>>>> *unset*
>>>>
>>>> phoenix.queryserver.kerberos.principal
>>>>
>>>> The kerberos principal to use when authenticating.
>>>>
>>>> *unset*
>>>>
>>>> Phoenix Query Server:
>>>>
>>>>
>>>>
>>>> Once updated a above properties query server has been started
>>>> successfully using keytab.
>>>>
>>>>
>>>>
>>>> *Command to Server:*
>>>>
>>>> *python queryserver.py*
>>>>
>>>>
>>>>
>>>> Phoenix Client:
>>>>
>>>>
>>>>
>>>> Once the query server is started successfully then the port no 8765
>>>> comes to live. When i try to connect client with following command it
>>>> returns GSS Exception. Am I missing any steps in configuration.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> *Command to Client:*
>>>>
>>>> Following are the methods i tried to connect in secure cluster it does
>>>> not works.
>>>>
>>>>
>>>>
>>>> *Method 1:* python sqlline-thin.py http://hostname:8765
>>>>
>>>> *Method 2:*
>>>>
>>>> python sqlthin-client.py http://hostname:8765;authentic
>>>> ation=SPNEGO;principal=phoenix/OrgClu@XXXXXX.XXXXX.COM;keyta
>>>> b=C:\\path\\to\\HadoopKeyTabs\\\phoenix.keytab
>>>> <http://hostname:8765;authentication=SPNEGO;principal=phoenix/OrgClu@XXXXXX.XXXXX.COM;keytab=C:/path/to/HadoopKeyTabs/phoenix.keytab>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> *CLIENT SIDE ERROR:*
>>>>
>>>> x-4.11.0-HBase-1.2-bin\bin>python sqlline-thin.py http://namenode1:8765
>>>>
>>>> Failed to find hbase executable on PATH, defaulting serialization to
>>>> PROTOBUF.
>>>>
>>>> [ERROR] Terminal initialization failed; falling back to unsupported
>>>>
>>>> java.lang.NoClassDefFoundError: Could not initialize class
>>>> org.apache.phoenix.sh
>>>>
>>>> aded.org.fusesource.jansi.internal.Kernel32
>>>>
>>>>         at org.apache.phoenix.shaded.org.fusesource.jansi.internal.Wind
>>>> owsSuppor
>>>>
>>>> t.getConsoleMode(WindowsSupport.java:50)
>>>>
>>>>         at org.apache.phoenix.shaded.jline.WindowsTerminal.getConsoleMo
>>>> de(Window
>>>>
>>>> sTerminal.java:177)
>>>>
>>>>         at org.apache.phoenix.shaded.jline.WindowsTerminal.init(Windows
>>>> Terminal.
>>>>
>>>> java:80)
>>>>
>>>>         at org.apache.phoenix.shaded.jline.TerminalFactory.create(Termi
>>>> nalFactor
>>>>
>>>> y.java:101)
>>>>
>>>>         at org.apache.phoenix.shaded.jline.TerminalFactory.get(Terminal
>>>> Factory.j
>>>>
>>>> ava:159)
>>>>
>>>>         at sqlline.SqlLineOpts.<init>(SqlLineOpts.java:45)
>>>>
>>>>         at sqlline.SqlLine.<init>(SqlLine.java:55)
>>>>
>>>>         at sqlline.SqlLine.start(SqlLine.java:397)
>>>>
>>>>         at sqlline.SqlLine.main(SqlLine.java:291)
>>>>
>>>>         at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S
>>>> qllineWra
>>>>
>>>> pper.java:88)
>>>>
>>>>         at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S
>>>> qllineWra
>>>>
>>>> pper.java:85)
>>>>
>>>>         at java.security.AccessController.doPrivileged(Native Method)
>>>>
>>>>         at javax.security.auth.Subject.doAs(Subject.java:415)
>>>>
>>>>         at org.apache.hadoop.security.UserGroupInformation.doAs(UserGro
>>>> upInforma
>>>>
>>>> tion.java:1657)
>>>>
>>>>         at org.apache.phoenix.queryserver.client.SqllineWrapper.main(Sq
>>>> llineWrap
>>>>
>>>> per.java:85)
>>>>
>>>>
>>>>
>>>> [ERROR] Terminal initialization failed; falling back to unsupported
>>>>
>>>> java.lang.NoClassDefFoundError: Could not initialize class
>>>> org.apache.phoenix.sh
>>>>
>>>> aded.org.fusesource.jansi.internal.Kernel32
>>>>
>>>>         at org.apache.phoenix.shaded.org.fusesource.jansi.internal.Wind
>>>> owsSuppor
>>>>
>>>> t.getConsoleMode(WindowsSupport.java:50)
>>>>
>>>>         at org.apache.phoenix.shaded.jline.WindowsTerminal.getConsoleMo
>>>> de(Window
>>>>
>>>> sTerminal.java:177)
>>>>
>>>>         at org.apache.phoenix.shaded.jline.WindowsTerminal.init(Windows
>>>> Terminal.
>>>>
>>>> java:80)
>>>>
>>>>         at org.apache.phoenix.shaded.jline.TerminalFactory.create(Termi
>>>> nalFactor
>>>>
>>>> y.java:101)
>>>>
>>>>         at sqlline.SqlLine.getConsoleReader(SqlLine.java:723)
>>>>
>>>>         at sqlline.SqlLine.begin(SqlLine.java:657)
>>>>
>>>>         at sqlline.SqlLine.start(SqlLine.java:398)
>>>>
>>>>         at sqlline.SqlLine.main(SqlLine.java:291)
>>>>
>>>>         at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S
>>>> qllineWra
>>>>
>>>> pper.java:88)
>>>>
>>>>         at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S
>>>> qllineWra
>>>>
>>>> pper.java:85)
>>>>
>>>>         at java.security.AccessController.doPrivileged(Native Method)
>>>>
>>>>         at javax.security.auth.Subject.doAs(Subject.java:415)
>>>>
>>>>         at org.apache.hadoop.security.UserGroupInformation.doAs(UserGro
>>>> upInforma
>>>>
>>>> tion.java:1657)
>>>>
>>>>         at org.apache.phoenix.queryserver.client.SqllineWrapper.main(Sq
>>>> llineWrap
>>>>
>>>> per.java:85)
>>>>
>>>>
>>>>
>>>> Setting property: [incremental, false]
>>>>
>>>> Setting property: [isolation, TRANSACTION_READ_COMMITTED]
>>>>
>>>> issuing: !connect jdbc:phoenix:thin:url=http://n
>>>> amenode1:8765;serialization=PROT
>>>>
>>>> OBUF;authentication=SPNEGO none none org.apache.phoenix.queryserver
>>>> .client.Drive
>>>>
>>>> r
>>>>
>>>> Connecting to jdbc:phoenix:thin:url=http://n
>>>> amenode1:8765;serialization=PROTOBUF
>>>>
>>>> ;authentication=SPNEGO
>>>>
>>>> java.lang.RuntimeException: Failed to execute HTTP Request, got HTTP/404
>>>>
>>>>         at org.apache.calcite.avatica.remote.AvaticaCommonsHttpClientSp
>>>> negoImpl.
>>>>
>>>> send(AvaticaCommonsHttpClientSpnegoImpl.java:148)
>>>>
>>>>         at org.apache.calcite.avatica.remote.RemoteProtobufService._app
>>>> ly(Remote
>>>>
>>>> ProtobufService.java:45)
>>>>
>>>>         at org.apache.calcite.avatica.remote.ProtobufService.apply(Prot
>>>> obufServi
>>>>
>>>> ce.java:81)
>>>>
>>>>         at org.apache.calcite.avatica.remote.Driver.connect(Driver.java
>>>> :176)
>>>>
>>>>         at sqlline.DatabaseConnection.connect(DatabaseConnection.java:1
>>>> 57)
>>>>
>>>>         at sqlline.DatabaseConnection.getConnection(DatabaseConnection.
>>>> java:203)
>>>>
>>>>
>>>>
>>>>         at sqlline.Commands.connect(Commands.java:1064)
>>>>
>>>>         at sqlline.Commands.connect(Commands.java:996)
>>>>
>>>>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>>
>>>>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>>>> ssorImpl.
>>>>
>>>> java:57)
>>>>
>>>>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>>>> thodAcces
>>>>
>>>> sorImpl.java:43)
>>>>
>>>>         at java.lang.reflect.Method.invoke(Method.java:606)
>>>>
>>>>         at sqlline.ReflectiveCommandHandler.execute(ReflectiveCommandHa
>>>> ndler.jav
>>>>
>>>> a:38)
>>>>
>>>>         at sqlline.SqlLine.dispatch(SqlLine.java:809)
>>>>
>>>>         at sqlline.SqlLine.initArgs(SqlLine.java:588)
>>>>
>>>>         at sqlline.SqlLine.begin(SqlLine.java:661)
>>>>
>>>>         at sqlline.SqlLine.start(SqlLine.java:398)
>>>>
>>>>         at sqlline.SqlLine.main(SqlLine.java:291)
>>>>
>>>>         at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S
>>>> qllineWra
>>>>
>>>> pper.java:88)
>>>>
>>>>         at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S
>>>> qllineWra
>>>>
>>>> pper.java:85)
>>>>
>>>>         at java.security.AccessController.doPrivileged(Native Method)
>>>>
>>>>         at javax.security.auth.Subject.doAs(Subject.java:415)
>>>>
>>>>         at org.apache.hadoop.security.UserGroupInformation.doAs(UserGro
>>>> upInforma
>>>>
>>>> tion.java:1657)
>>>>
>>>>         at org.apache.phoenix.queryserver.client.SqllineWrapper.main(Sq
>>>> llineWrap
>>>>
>>>> per.java:85)
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> *SERVER SIDE ERROR:*
>>>>
>>>> 17/10/04 05:34:28 INFO server.Server: Started @9558ms
>>>>
>>>> 17/10/04 05:34:28 INFO server.HttpServer: Service listening on port
>>>> 8765.
>>>>
>>>> 17/10/04 05:38:39 WARN security.SpnegoLoginService:
>>>>
>>>> GSSException: Failure unspecified at GSS-API level (Mechanism level:
>>>> Encryption
>>>>
>>>> type AES256 CTS mode with HMAC SHA1-96 is not supported/enabled)
>>>>
>>>>         at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Cont
>>>> ext.java:
>>>>
>>>> 788)
>>>>
>>>>         at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext
>>>> Impl.java
>>>>
>>>> :342)
>>>>
>>>>         at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext
>>>> Impl.java
>>>>
>>>> :285)
>>>>
>>>>         at sun.security.jgss.spnego.SpNegoContext.GSS_acceptSecContext(
>>>> SpNegoCon
>>>>
>>>> text.java:871)
>>>>
>>>>         at sun.security.jgss.spnego.SpNegoContext.acceptSecContext(SpNe
>>>> goContext
>>>>
>>>> .java:544)
>>>>
>>>>         at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext
>>>> Impl.java
>>>>
>>>> :342)
>>>>
>>>>         at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext
>>>> Impl.java
>>>>
>>>> :285)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.security.SpnegoL
>>>> oginServi
>>>>
>>>> ce.login(SpnegoLoginService.java:137)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.security.authent
>>>> ication.L
>>>>
>>>> oginAuthenticator.login(LoginAuthenticator.java:61)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.security.authent
>>>> ication.S
>>>>
>>>> pnegoAuthenticator.validateRequest(SpnegoAuthenticator.java:99)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.security.Securit
>>>> yHandler.
>>>>
>>>> handle(SecurityHandler.java:512)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.server.handler.H
>>>> andlerLis
>>>>
>>>> t.handle(HandlerList.java:52)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.server.handler.H
>>>> andlerWra
>>>>
>>>> pper.handle(HandlerWrapper.java:97)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.server.Server.ha
>>>> ndle(Serv
>>>>
>>>> er.java:499)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.server.HttpChann
>>>> el.handle
>>>>
>>>> (HttpChannel.java:311)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.server.HttpConne
>>>> ction.onF
>>>>
>>>> illable(HttpConnection.java:257)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.io.AbstractConne
>>>> ction$2.r
>>>>
>>>> un(AbstractConnection.java:544)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.util.thread.Queu
>>>> edThreadP
>>>>
>>>> ool.runJob(QueuedThreadPool.java:635)
>>>>
>>>>         at org.apache.phoenix.shaded.org.eclipse.jetty.util.thread.Queu
>>>> edThreadP
>>>>
>>>> ool$3.run(QueuedThreadPool.java:555)
>>>>
>>>>         at java.lang.Thread.run(Thread.java:744)
>>>>
>>>> Caused by: KrbException: Encryption type AES256 CTS mode with HMAC
>>>> SHA1-96 is no
>>>>
>>>> t supported/enabled
>>>>
>>>>         at sun.security.krb5.EncryptionKey.findKey(EncryptionKey.java:5
>>>> 52)
>>>>
>>>>         at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:270)
>>>>
>>>>         at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:144)
>>>>
>>>>         at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecCon
>>>> textToken
>>>>
>>>> .java:108)
>>>>
>>>>         at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Cont
>>>> ext.java:
>>>>
>>>> 771)
>>>>
>>>>         ... 19 more
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Please help me to solve this issue.
>>>>
>>>> --
>>>>
>>>> Thanks and regards
>>>>
>>>> D.Mallieswari
>>>>
>>>
>>>
>>
>>
>> --
>> Thanks and regards
>> D.Mallieswari
>>
>
>


-- 
Thanks and regards
D.Mallieswari

Mime
View raw message