AI导航网
微信公众号搜"智元新知"关注
微信扫一扫可直接关注哦!

hive认证kerberos后hiveserver2连接失败

分类:Hadoop作者:编程之家原文地址

 beeline -u "jdbc:hive2://192.168.1.231:10000/;principal=hive/test01@Para.COM"这是连接命令

报错:

 (上面的命令报错是因为kerberos的域名为三部分,这边少写了一部分)

下边报错后在CM页面看到hive metastore运行不良,就去看了眼日志

-----------------------------------------------------------------------------------

metastore日志:

[main]: metastore Thrift Server threw an exception...
org.apache.thrift.transport.TTransportException: org.apache.hadoop.security.KerberosAuthException: failure to login: for principal: hive/test01@Para.COM from keytab hive.keytab javax.security.auth.login.LoginException: Checksum Failed
	at org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge$Server.<init>(HadoopThriftAuthBridge.java:327) ~[hive-exec-2.1.1-cdh6.3.2.jar:2.1.1-cdh6.3.2]
	at org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge.createServer(HadoopThriftAuthBridge.java:101) ~[hive-exec-2.1.1-cdh6.3.2.jar:2.1.1-cdh6.3.2]
	at org.apache.hadoop.hive.metastore.Hivemetastore.startmetastore(Hivemetastore.java:7291) ~[hive-exec-2.1.1-cdh6.3.2.jar:2.1.1-cdh6.3.2]
	at org.apache.hadoop.hive.metastore.Hivemetastore.main(Hivemetastore.java:7210) [hive-exec-2.1.1-cdh6.3.2.jar:2.1.1-cdh6.3.2]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_181]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
	at org.apache.hadoop.util.RunJar.run(RunJar.java:313) [hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.util.RunJar.main(RunJar.java:227) [hadoop-common-3.0.0-cdh6.3.2.jar:?]
Caused by: org.apache.hadoop.security.KerberosAuthException: failure to login: for principal: hive/test01@Para.COM from keytab hive.keytab javax.security.auth.login.LoginException: Checksum Failed
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1992) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1360) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1140) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge$Server.<init>(HadoopThriftAuthBridge.java:322) ~[hive-exec-2.1.1-cdh6.3.2.jar:2.1.1-cdh6.3.2]
	... 9 more
Caused by: javax.security.auth.login.LoginException: Checksum Failed
	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:804) ~[?:1.8.0_181]
	at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617) ~[?:1.8.0_181]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_181]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) ~[?:1.8.0_181]
	at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.login(LoginContext.java:587) ~[?:1.8.0_181]
	at org.apache.hadoop.security.UserGroup@R_31_4045@ion$HadoopLoginContext.login(UserGroup@R_31_404[email protected]:2070) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1982) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1360) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1140) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge$Server.<init>(HadoopThriftAuthBridge.java:322) ~[hive-exec-2.1.1-cdh6.3.2.jar:2.1.1-cdh6.3.2]
	... 9 more
Caused by: sun.security.krb5.KrbCryptoException: Checksum Failed
	at sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType.decrypt(Aes256CtsHmacSha1EType.java:102) ~[?:1.8.0_181]
	at sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType.decrypt(Aes256CtsHmacSha1EType.java:94) ~[?:1.8.0_181]
	at sun.security.krb5.EncryptedData.decrypt(EncryptedData.java:175) ~[?:1.8.0_181]
	at sun.security.krb5.KrbAsRep.decrypt(KrbAsRep.java:149) ~[?:1.8.0_181]
	at sun.security.krb5.KrbAsRep.decryptUsingKeyTab(KrbAsRep.java:121) ~[?:1.8.0_181]
	at sun.security.krb5.KrbAsReqBuilder.resolve(KrbAsReqBuilder.java:285) ~[?:1.8.0_181]
	at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361) ~[?:1.8.0_181]
	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:776) ~[?:1.8.0_181]
	at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617) ~[?:1.8.0_181]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_181]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) ~[?:1.8.0_181]
	at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.login(LoginContext.java:587) ~[?:1.8.0_181]
	at org.apache.hadoop.security.UserGroup@R_31_4045@ion$HadoopLoginContext.login(UserGroup@R_31_404[email protected]:2070) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1982) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1360) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1140) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge$Server.<init>(HadoopThriftAuthBridge.java:322) ~[hive-exec-2.1.1-cdh6.3.2.jar:2.1.1-cdh6.3.2]
	... 9 more
Caused by: java.security.GeneralSecurityException: Checksum Failed
	at sun.security.krb5.internal.crypto.dk.AesDkCrypto.decryptCTS(AesDkCrypto.java:451) ~[?:1.8.0_181]
	at sun.security.krb5.internal.crypto.dk.AesDkCrypto.decrypt(AesDkCrypto.java:272) ~[?:1.8.0_181]
	at sun.security.krb5.internal.crypto.Aes256.decrypt(Aes256.java:76) ~[?:1.8.0_181]
	at sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType.decrypt(Aes256CtsHmacSha1EType.java:100) ~[?:1.8.0_181]
	at sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType.decrypt(Aes256CtsHmacSha1EType.java:94) ~[?:1.8.0_181]
	at sun.security.krb5.EncryptedData.decrypt(EncryptedData.java:175) ~[?:1.8.0_181]
	at sun.security.krb5.KrbAsRep.decrypt(KrbAsRep.java:149) ~[?:1.8.0_181]
	at sun.security.krb5.KrbAsRep.decryptUsingKeyTab(KrbAsRep.java:121) ~[?:1.8.0_181]
	at sun.security.krb5.KrbAsReqBuilder.resolve(KrbAsReqBuilder.java:285) ~[?:1.8.0_181]
	at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361) ~[?:1.8.0_181]
	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:776) ~[?:1.8.0_181]
	at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617) ~[?:1.8.0_181]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_181]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) ~[?:1.8.0_181]
	at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) ~[?:1.8.0_181]
	at javax.security.auth.login.LoginContext.login(LoginContext.java:587) ~[?:1.8.0_181]
	at org.apache.hadoop.security.UserGroup@R_31_4045@ion$HadoopLoginContext.login(UserGroup@R_31_404[email protected]:2070) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1982) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1360) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.security.UserGroup@R_31_404[email protected](UserGroup@R_31_404[email protected]:1140) ~[hadoop-common-3.0.0-cdh6.3.2.jar:?]
	at org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge$Server.<init>(HadoopThriftAuthBridge.java:322) ~[hive-exec-2.1.1-cdh6.3.2.jar:2.1.1-cdh6.3.2]
	... 9 more

---------------------------------------------------------------------------------------------------

大概可以看到是因为kerberos的票据问件出问题了 ,

参考启用Kerberos后CDH集群的HiveServer2频繁意外退出故障解决附带CDH更新Principal keytab过程_王若鱼的博客-CSDN博客

只要在CM页面重新生成kerberos凭据后解决问题

(如果不成功的话可能还是因为.keytab文件的问题 ,在kadmin.locla命令行中重新生成

 

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。

相关推荐

hadoop day2-搭建
hadoop搭建准备工作三台虚拟机:master、node1、node2检查时间是否同步:date检查java的jdk是否被安装好:java-version修改主机名三台分别执行vim/etc/hostname并将内容指定为对应的主机名 关闭防火墙:systemctlst...
Hadoop 二十三
文件的更名和移动:    获取文件详细信息       遇到的问题:不能直接在web上上传文件。   权限问题:修改后即可正常创建  参考:https://blog.csdn.net/weixin_44575660/article/details/118687993
大数据Hadoop之——HDFS小文件问题与处理实战操作
目录一、背景1)小文件是如何产生的?2)文件块大小设置3)HDFS分块目的二、HDFS小文件问题处理方案1)HadoopArchive(HAR)2)Sequencefile3)CombineFileInputFormat4)开启JVM重用5)合并本地的小文件,上传到HDF...
大数据Hadoop之——Hadoop HDFS多目录磁盘扩展与数据平衡实战操作
目录一、概述二、HadoopDataNode多目录磁盘配置1)配置hdfs-site.xml2)配置详解1、dfs.datanode.data.dir2、dfs.datanode.fsdataset.volume.choosing.policy3、dfs.datanode.available-space-volume-choosing-polic...
平台搭建伪分布式
平台搭建(伪分布式)伪分布式搭建在VM中搭建std-master修改配置文件centos7-cl1.vmdkstd-master.vmx-将配置文件中vm的版本号改成自己电脑对应的vm版本修改客户端的操作系统为centos764位打开虚拟机修改虚拟机网络cd...
Harley浅谈HadoopHDFS
 一、HDFS概述 1.1、HDFS产出背景及定义 1.1.1、HDFS产生背景   随着数据量越来越大,在一个操作系统存不下所有的数据,那么就分配到更多的操作系统管理的磁盘中,但是不方便管理和维护,迫切需要一种系统来管...
Hadoop 十二
配置workers进入hadoop/etc/hadoop  编辑workers文件  然后分发给另外两个服务器     准备启动集群第一次需要初始化.  初始化完成后增加了data文件,  进入上面那个路径,就能看到当前服务器的版本号 ...
第六周总结8.13
这周我对ssm框架进行了更深一步的开发,加入了多用户,并对除登录外的请求进行了拦截,这样用户在未登录的时候是访问不到资源的。并且对hadoop进行了初步的学习,包括虚拟机的安装等等。下周会对hadoop进行更深一步的...
安装Hadoop2.10.1
前言通过在Hadoop1安装Hadoop,然后配置相应的配置文件,最后将Hadoop所有文件同步到其他Hadoop节点。一、集群规划#主机名‘master/hadoop1’‘slave01/hadoop2’‘slave02/hadoop3’#启动节点NamenodeNodemanagerNod...
集群崩溃处理
1.先杀死进程(先进入到hadoop版本文件里,我的是/opt/module/hadoop-3.1.3/)sbin/stop-dfs.sh2.删除每个集群上的data以及logsrm-rfdata/logs/3.格式化hdfsnamenode-format4.再启动sbin/sart-dfs.sh
    pythonJavaScriptjavaHTMLreactjsC#AndroidCSSNode.jssqlrpython-3.xMysqLjQueryc++pandasFlutterangularIOSdjangolinuxswifttypescript路由器JSON路由器设置无线路由器h3c华三华三路由器设置华三路由器电脑软件教程arraysdocker软件图文教程Cvue.jslaravelspring-bootreact-native