| AMBARI-24781 | BUG-111968 | When the ambari server setup-ldap cli is invoked for a
second time, the previously configured LDAP values are not suggested as
the defaults. | Values must be reconfigured each time the setup-ldap
utility is invoked.
https://docs.hortonworks.com/HDPDocuments/HDP3/HDP-3.0.1/ambari-authentication-ldap-ad/content/setting_up_ldap_user_authentication.htmlConfiguring Ambari to authenticate external users |
| AMBARI-24781 | BUG-111968 | The ldap-type option cannot be passed in as a flag for
silent configurations. | Configure the ldap type interactively. This option is only
used to populate the initial defaults for the interactive setup-ldap
menu and does not override explicitly configured options. |
| AMBARI-24781 | BUG-111968 | Example values for setup-ldap using IPA do not sync group
membership. | In the setup-ldap menu, configuring "posixaccount" for User
object class and "member" for Group member attribute need to be
explicitly set for most IPA installations. |
| N/A | BUG-110831 | 'ambari-server setup-ldap' fails with AttributeError when master_key is not persisted
Installed ambari-server and configured password
encryption, but chose not to persist master key:
===================
Choose one of the following options:
[1] Enable HTTPS for Ambari server.
[2] Encrypt passwords stored in ambari.properties file.
[3] Setup Ambari kerberos JAAS configuration.
[4] Setup truststore.
[5] Import certificate to truststore.
===========================================================================
Enter choice, (1-5): 2
Password encryption is enabled.
Do you want to reset Master Key? [y/n] (n): y
Master Key not persisted.
Enter current Master Key:
Enter new Master Key:
Re-enter master key:
Do you want to persist master key. If you choose not to persist, you need to
provide the Master Key while starting the ambari server as an env variable
named AMBARI_SECURITY_MASTER_KEY or the start will prompt for the master key.
Persist [y/n] (y)? n
Adjusting ambari-server permissions and ownership...
Ambari Server 'setup-security' completed successfully.
Then, export environment
variable. export AMBARI_SECURITY_MASTER_KEY=hadoop
Then, run LDAP setup with the following
settings: ambari-server setup-ldap -v
====================
Review Settings
====================
Primary LDAP Host (ldap.ambari.apache.org):
ctr-e138-1518143905142-473336-01-000002.hwx.site
Primary LDAP Port (389): 389
Use SSL [true/false] (false): false
User object class (posixUser): posixUser
User ID attribute (uid): uid
Group object class (posixGroup): posixGroup
Group name attribute (cn): cn
Group member attribute (memberUid): memberUid
Distinguished name attribute (dn): dn
Search Base (dc=ambari,dc=apache,dc=org): dc=apache,dc=org
Referral method [follow/ignore] (follow): follow
Bind anonymously [true/false] (false): false
Handling behavior for username collisions [convert/skip] for LDAP sync (skip):
skip ambari.ldap.connectivity.bind_dn: uid=hdfs,ou=people,ou=dev,dc=apache,dc=org
ambari.ldap.connectivity.bind_password: *****
Save settings [y/n] (y)? y Issues: Master Key generation fails: INFO: Loading properties from /etc/ambari-server/conf/ambari.properties
Traceback (most recent call last):
File "/usr/sbin/ambari-server.py",
line 1060, in <module> mainBody()
File "/usr/sbin/ambari-server.py",
line 1030, in mainBody main(options, args, parser)
File "/usr/sbin/ambari-server.py",
line 980, in main action_obj.execute()
File "/usr/sbin/ambari-server.py",
line 79, in execute self.fn(*self.args, **self.kwargs)
File "/usr/lib/ambari-server/lib/ambari_server/setupSecurity.py",
line 860, in setup_ldap encrypted_passwd = encrypt_password(LDAP_MGR_PASSWORD_ALIAS, mgr_password, options)
File "/usr/lib/ambari-server/lib/ambari_server/serverConfiguration.py",
line 858, in encrypt_password return get_encrypted_password(alias, password, properties, options)
File "/usr/lib/ambari-server/lib/ambari_server/serverConfiguration.py",
line 867, in get_encrypted_password masterKey = get_original_master_key(properties, options)
File "/usr/lib/ambari-server/lib/ambari_server/serverConfiguration.py",
line 1022, in get_original_master_key if options is not None and options.master_key is not
None and options.master_key:
AttributeError: Values instance has no attribute 'master_key'
[root@ctr-e138-1518143905142-473336-01-000002 ~]# Repeated prompt for Master Key, despite providing
correct value. Returns an incorrect master key value and the
shell repeats printing "ERROR: ERROR: Master key
does not match." and scrolls the page
The issues are seen when master key is not persisted as
part of the initial password encryption step.
| Persist the master key BEFORE setting up LDAP. |
|
AMBARI-24506
| BUG-109436 | Upgrade History page is blank after a cluster is upgraded multiple
times | No known workaround. |
| N/A | BUG-109760 |
YARN Timeline Service V 2.0 Reader component stops after a patch
upgrade of the service HBase from HDP 3.0.0 to HDP 3.0.1.
| Manually start the YARN Timeline Service V 2.0 Reader
component. |
| AMBARI-24536 | BUG-109839 | When SPNEGO is enabled (`ambari-server setup-kerberos`), the SSO
(`ambari-server setup-sso`) redirect no longer works. | No known workaround. Do not enable both kerberos and SSO using
ambari-server setup. |
| N/A | BUG-111345 | This issue only applies when performing a "minor" Apache Ambari
rolling upgrade from HDP-3.0.0 to HDP-3.0.1. After performing a rolling
upgrade, some Apache Spark2 components may not start. | Select Spark2 > Configs > Custom
spark2-thrift-sparkconf and add the following properties:
spark.yarn.keytab and
spark.yarn.principal. Set the value of these properties to
match the values of the spark.history.kerberos.keytab and
spark.history.kerberos.principal properties in
Spark2 > Configs > Advanced
spark2-defaults. Click Save, then restart Spark and any other services that
require a restart. |
| N/A | BUG-115815 | Zeppelin Server status alerts are not triggered even when Zeppelin
server is stopped. |
In the alert_check_zeppelin.py script located in the
/var/lib/ambari-agent/cache/common-services/ZEPPELIN/<version>/package/scripts/
folder, change the 'return' statement to the following:
return (RESULT_CODE_CRITICAL, ["Zeppelin is not running"])
|
| N/A | BUG-105092 | Oozie service check failure on HA cluster during EU | If Ranger HA and/or Oozie Server HA is configured and a custom
composite keytab file is being used, service checks for Ranger and Oozie
will fail during the HDP 2.6 to HDP 3.0 Upgrade. |
|
AMBARI-25069
| SPEC-58, BUG-116328 | HDP 3.0.1 with local repository fails to deploy. Empty baseurl values
written to the repo files when using a local repository causes an HDP
stack installation failure. |
Go to the folder /usr/lib/ambari-server/web/javascipts
using cd
/usr/lib/ambari-server/web/javascripts Take a backup of app.js using cp app.js
app.js_backup Edit the app.js file. Find the
line(39892)onNetworkIssuesExist: function ()
{ Change the line from : /**
* Use Local Repo if some network issues exist
*/
onNetworkIssuesExist: function () {
if (this.get('networkIssuesExist')) {
this.get('content.stacks').forEach(function (stack) {
stack.setProperties({
usePublicRepo: false,
useLocalRepo: true
});
stack.cleanReposBaseUrls();
});
}
}.observes('networkIssuesExist'),to /**
* Use Local Repo if some network issues exist
*/
onNetworkIssuesExist: function () {
if (this.get('networkIssuesExist')) {
this.get('content.stacks').forEach(function (stack) {
if(stack.get('useLocalRepo') != true){
stack.setProperties({
usePublicRepo: false,
useLocalRepo: true
});
stack.cleanReposBaseUrls();
}
});
}
}.observes('networkIssuesExist'), Reload the page, and then start the create cluster wizard
again.
|
