Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Duplicate
-
2.2.1
-
None
Description
Posted on the forum: https://community.hortonworks.com/questions/7750/knox-gateway-start-fail.html
by Jose Guillen
Install HDP 2.3.latest with Knox on a single host.
Immediately after install, restart Knox.
It fails with this error on both JDK 1.7 and 1.8
2016-01-15 15:37:00,440 - Execute['/usr/hdp/current/knox-server/bin/knoxcli.sh create-master --master [PROTECTED]'] {'environment': {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_67'}, 'not_if': "ambari-sudo.sh su knox -l -s /bin/bash -c 'test -f /var/lib/knox/data/security/master'", 'user': 'knox'}
Originates to /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/knox.py
cmd = format('{knox_client_bin} create-master --master {knox_master_secret!p}') master_secret_exist = as_user(format('test -f {knox_master_secret_path}'), params.knox_user) Execute(cmd,user=params.knox_user,environment={'JAVA_HOME': params.java_home},not_if=master_secret_exist,) {knox_master_secret_path}
resolves to /var/lib/knox/data/security/master (as defined in /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py). The problem is that the Knox master file does not exist on this location. The directory /var/lib/knox/data does exist, but the content is empty.
Instead, the master key is located here: /usr/hdp/current/knox-server/data/security/master
In the file /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py, I also see something with removing/setting symbolic links:
# Used to setup symlink, needed to update the knox managed symlink, in case of custom locations if os.path.islink(params.knox_managed_pid_symlink) and os.path.realpath(params.knox_managed_pid_symlink) != params.knox_pid_dir: os.unlink(params.knox_managed_pid_symlink) os.symlink(params.knox_pid_dir, params.knox_managed_pid_symlink)
Perhaps something goes wrong with the symbolic links? (when you install HDP2.3 successfully, but try to restart all services immediately after the installation?)
In any case, the following modification resolved the issue for me.. I'm not sure if it covers everything (e.g. what will happen if you change the Knox master key via the Ambari web interface??), but I don't have any more time to be stuck on this issue
Open /var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py
Change:
knox_master_secret_path = '/var/lib/knox/data/security/master' knox_cert_store_path = '/var/lib/knox/data/security/keystores/gateway.jks'
to:
knox_master_secret_path = '/usr/hdp/current/knox-server/data/security/master' knox_cert_store_path = '/usr/hdp/current/knox-server/data/security/keystores/gateway.jks'