Hadoop authentication method is set to SIMPLE; but a Kerberos principal is – How to solve related issues

Average Read Time

2 Mins

Hadoop authentication method is set to SIMPLE; but a Kerberos principal is – How to solve related issues

Opster Team

Jan-20, Version: 1.7-8.0

Before you begin reading this guide, we recommend you run Elasticsearch Error Check-Up which can resolve issues that cause many errors.

This guide will help you check for common problems that cause the log ” Hadoop authentication method is set to SIMPLE; but a Kerberos principal is ” to appear. It’s important to understand the issues related to the log, so to get started, read the general overview on common issues and tips related to the Elasticsearch concepts: plugins, repositories and repository-azure.

Advanced users might want to skip right to the common problems section in each concept or try running the Check-Up which analyses ES to pinpoint the cause of many errors and provides suitable actionable recommendations how to resolve them (free tool that requires no installation).

Log Context

{{mpg_logstarted}}

Log “Hadoop authentication method is set to [SIMPLE]; but a Kerberos principal is” classname is HdfsRepository.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

         // Check if the user added a principal to use; and that there is a keytab file provided
        String kerberosPrincipal = repositorySettings.get(CONF_SECURITY_PRINCIPAL);

        // Check to see if the authentication method is compatible
        if (kerberosPrincipal != null && authMethod.equals(AuthenticationMethod.SIMPLE)) {
            logger.warn("Hadoop authentication method is set to [SIMPLE]; but a Kerberos principal is " +
                "specified. Continuing with [KERBEROS] authentication.");
            SecurityUtil.setAuthenticationMethod(AuthenticationMethod.KERBEROS; hadoopConfiguration);
        } else if (kerberosPrincipal == null && authMethod.equals(AuthenticationMethod.KERBEROS)) {
            throw new RuntimeException("HDFS Repository does not support [KERBEROS] authentication without " +
                "a valid Kerberos principal and keytab. Please specify a principal in the repository settings with [" +




 

Run the Check-Up to get a customized report like this:

Analyze your cluster