search

OpenTSDB / opentsdb

A scalable, distributed Time Series Database.
http://opentsdb.net
GNU Lesser General Public License v2.1
4.99k stars 1.25k forks source link

opentsdb fails to authenticate with kerberos #683

Open utpalthakar opened 8 years ago

utpalthakar commented 8 years ago

Asynchbase was not able to find login module from the configuration Have set following in opentsdb.conf hbase.security.auth.enable=true hbase.security.authentication=kerberos hbase.kerberos.regionserver.principal=hbase/_HOST@MYREALM.COM hbase.sasl.clientconfig=Client java.security.auth.login.config=/home/user/opentsdb/opentsdb.jaas Is there anything missing in the configuration to work with kerberos ?

java.lang.IllegalStateException: Failed to get login context at org.hbase.async.auth.KerberosClientAuthProvider.(KerberosClientAuthProvider.java:92) ~[asynchbase-1.7.1-20151004.015637-1.jar:na] at org.hbase.async.SecureRpcHelper.initSecureClientProvider(SecureRpcHelper.java:139) ~[asynchbase-1.7.1-20151004.015637-1.jar:na] at org.hbase.async.SecureRpcHelper.(SecureRpcHelper.java:116) ~[asynchbase-1.7.1-20151004.015637-1.jar:na] at org.hbase.async.SecureRpcHelper96.(SecureRpcHelper96.java:65) ~[asynchbase-1.7.1-20151004.015637-1.jar:na] at org.hbase.async.RegionClient.channelConnected(RegionClient.java:1089) ~[asynchbase-1.7.1-20151004.015637-1.jar:na] at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:100) [netty-3.9.4.Final.jar:na] at org.hbase.async.RegionClient.handleUpstream(RegionClient.java:1206) ~[asynchbase-1.7.1-20151004.015637-1.jar:na] at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.SimpleChannelHandler.channelConnected(SimpleChannelHandler.java:182) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.SimpleChannelHandler.handleUpstream(SimpleChannelHandler.java:118) [netty-3.9.4.Final.jar:na] at org.jboss.netty.handler.timeout.IdleStateAwareChannelHandler.handleUpstream(IdleStateAwareChannelHandler.java:36) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.SimpleChannelUpstreamHandler.channelConnected(SimpleChannelUpstreamHandler.java:191) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:100) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559) [netty-3.9.4.Final.jar:na] at org.hbase.async.HBaseClient$RegionClientPipeline.sendUpstream(HBaseClient.java:3108) [asynchbase-1.7.1-20151004.015637-1.jar:na] at org.jboss.netty.channel.Channels.fireChannelConnected(Channels.java:227) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.socket.nio.NioWorker$RegisterTask.run(NioWorker.java:162) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.socket.nio.AbstractNioSelector.processTaskQueue(AbstractNioSelector.java:372) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:296) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89) [netty-3.9.4.Final.jar:na] at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178) [netty-3.9.4.Final.jar:na] at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108) [netty-3.9.4.Final.jar:na] at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42) [netty-3.9.4.Final.jar:na] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_51] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [na:1.7.0_51] at java.lang.Thread.run(Thread.java:744) [na:1.7.0_51] Caused by: javax.security.auth.login.LoginException: No LoginModules configured for Client at javax.security.auth.login.LoginContext.init(LoginContext.java:272) ~[na:1.7.0_51] at javax.security.auth.login.LoginContext.(LoginContext.java:425) ~[na:1.7.0_51] at org.hbase.async.auth.Login.login(Login.java:230) ~[asynchbase-1.7.1-20151004.015637-1.jar:na] at org.hbase.async.auth.Login.(Login.java:165) ~[asynchbase-1.7.1-20151004.015637-1.jar:na] at org.hbase.async.auth.Login.initUserIfNeeded(Login.java:137) ~[asynchbase-1.7.1-20151004.015637-1.jar:na] at org.hbase.async.auth.KerberosClientAuthProvider.(KerberosClientAuthProvider.java:87) ~[asynchbase-1.7.1-20151004.015637-1.jar:na] ... 29 common frames omitted

manolama commented 8 years ago

Oh, pass ''-Djava.security.auth.login.config=/home/user/opentsdb/opentsdb.jaas'' in the JVM's command line, I think it's the only one that you have to send that way.

SushantVarshney commented 7 years ago

Hey Guyz, I am also facing the same issue and also tried the step as said by @manolama but it doesn't worked. I am using OpenTSDB version 2.1.3 with CDH Version 5.3.2 and it's working there but it's not working with CDH 5.8.2 version. Has anyone tried using openTSDB version 2.3.0 with CDH 5.8.2 ??? Does that worked ?

thiruvathuru commented 7 years ago

Facing the same issue. Appreciate if anyone can faced the above and resolved it

hellozeck commented 7 years ago

I add 

"-Djava.security.auth.login.config=/home/zk-jaas.conf

in JVMARGS , It becomde OK

IDerr commented 7 years ago

Hi @utpalthakar, could you please close this issue if the problem has been resolved ?

Thanks a lot :)