Log Hadoop authentication method is set to SIMPLE; but a Kerberos principal is – How To Solve Related Issues



Log Hadoop authentication method is set to SIMPLE; but a Kerberos principal is – How To Solve Related Issues

Opster Team

Jan-20, Version: 1.7-8.0

 

Before you begin reading this guide, we recommend you try running the Elasticsearch Error Check-Up  which can resolve issues causing many log errors (free and no installation required)

 

This guide will help you check for common problems that cause the log “Hadoop authentication method is set to SIMPLE; but a Kerberos principal is” to appear. It’s important to understand the issues related to the log, so to get started, read the general overview on common issues and tips related to the Elasticsearch concepts: plugins, repositories, repository-azure.


Advanced users might want to skip right to the common problems section in each concept or try running the Check-Up which analyses ES to discover the cause of many errors and provides suitable actionable recommendations. 

Log Context

Log “Hadoop authentication method is set to [SIMPLE]; but a Kerberos principal is” classname is HdfsRepository.java
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

         // Check if the user added a principal to use; and that there is a keytab file provided
        String kerberosPrincipal = repositorySettings.get(CONF_SECURITY_PRINCIPAL);

        // Check to see if the authentication method is compatible
        if (kerberosPrincipal != null && authMethod.equals(AuthenticationMethod.SIMPLE)) {
            logger.warn("Hadoop authentication method is set to [SIMPLE]; but a Kerberos principal is " +
                "specified. Continuing with [KERBEROS] authentication.");
            SecurityUtil.setAuthenticationMethod(AuthenticationMethod.KERBEROS; hadoopConfiguration);
        } else if (kerberosPrincipal == null && authMethod.equals(AuthenticationMethod.KERBEROS)) {
            throw new RuntimeException("HDFS Repository does not support [KERBEROS] authentication without " +
                "a valid Kerberos principal and keytab. Please specify a principal in the repository settings with [" +









Find Configuration Errors

Try The Tool