Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
0.10.0, 0.9.5
-
None
Description
When logging in with a keytab, if the topology has more than one instance of an HBase bolt then the ticket will not be automatically renewed.
Expected: The ticket will be automatically renewed and the bolt will be able to write to the database.
Actual: The ticket is not renewed and the bolt loses access to HBase.
Note when there is only one bolt with one executor is renews correctly.
Exception in bolt is:
2015-12-18T09:41:13.862-0500 o.a.h.s.UserGroupInformation [ERROR] PriviledgedActionException as:user@somewhere.com
cause:javax.security.sasl.SaslException: GSS initiate failed [Caused by
GSSException: No valid credentials provided (Mechanism level: Failed to find any
Kerberos tgt)]
2015-12-18T09:41:13.862-0500 o.a.h.i.RpcClient [WARN] Exception encountered
while connecting to the server : javax.security.sasl.SaslException: GSS initiate
failed [Caused by GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos tgt)]
2015-12-18T09:41:13.863-0500 o.a.h.i.RpcClient [ERROR] SASL authentication
failed. The most likely cause is missing or invalid credentials. Consider
'kinit'.