Uploaded image for project: 'Zeppelin'
  1. Zeppelin
  2. ZEPPELIN-5841

if I have not config proxyuser in core-site.xml, zeppelin prompt me " User: admin is not allowed to impersonate admin"

    XMLWordPrintableJSON

Details

    Description

      My core-site.xml like below

       <property>
        <name>hadoop.proxyuser.HTTP.hosts</name>
        <value>*</value>
    </property>
    <property>
        <name>hadoop.proxyuser.HTTP.groups</name>
        <value>*</value>
    </property>
    <property>
        <name>hadoop.proxyuser.zeppelin.hosts</name>
        <value>*</value>
    </property>
    <property>
        <name>hadoop.proxyuser.zeppelin.groups</name>
        <value>*</value>
    </property>
    <property>
      <name>hadoop.proxyuser.zeppelin.users</name>
      <value>*</value>
    </property>
    <property>
      <name>hadoop.proxyuser.hive.groups</name>
      <value>zeppelin</value>
    </property>
    <property>
        <name>hadoop.proxyuser.zhangfei.hosts</name>
        <value>*</value>
    </property>
    <property>
        <name>hadoop.proxyuser.zhangfei.groups</name>
        <value>*</value>
    </property>
    <property>
        <name>hadoop.proxyuser.luhongwei.hosts</name>
        <value>*</value>
    </property>
    <property>
        <name>hadoop.proxyuser.luhongwei.groups</name>
        <value>*</value>
    </property>

      when I login with luhongwei or zhangfei,zeppelin will launch interpreter which luhongwei or zhangfei like below shows

      [yarn@hadoop-180-98 ~]$ yarn app -list
2022-11-02 10:57:24,237 INFO client.ConfiguredRMFailoverProxyProvider: Failing over to rm2
Total number of applications (application-types: [], states: [SUBMITTED, ACCEPTED, RUNNING] and tags: []):2
                Application-Id	    Application-Name	    Application-Type	      User	     Queue	             State	       Final-State	       Progress	                       Tracking-URL
application_1667356423565_0002	            zeppelin	               SPARK	 luhongwei	   default	           RUNNING	         UNDEFINED	            10%	http://hadoop-180-91.testhadoop.com:42129
application_1667356423565_0001	            zeppelin	               SPARK	  zhangfei	   default	           RUNNING	         UNDEFINED	            10%	http://hadoop-180-98.testhadoop.com:36249

      but I login with other user , zeppelin throw 

      2022-11-02 10:47:54,697 INFO client.ConfiguredRMFailoverProxyProvider: Failing over to rm2
Exception in thread "main" org.apache.spark.SparkException: ERROR: org.apache.hadoop.security.authorize.AuthorizationException: User: admin is not allowed to impersonate admin

      I have set spark interpreter to per user in isolated with user impersonate enabled.

      Need I set proxyuser for each zeppelin user? then restart hdfs and yarn, It will affect a lot.

      Attachments

        Activity

          People

            Unassigned Unassigned
            luhw Hongwei Lu
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: