Problems have been encountered during HDP installation. Both Failed at first. Internet search, said that the OpenSSL version is too old to update, update after the problem is resolved, but their CentOS7 tried to update, but it is already the latest version. The final version of the problem was python2.7.5. See the error code for online answers.
==========================
Creating target directory...
==========================
Command start time 2018-02-27 09:30:03
Connection to node2.jky.com closed.
SSH command execution finished
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:03
==========================
Copying ambari sudo script...
==========================
Command start time 2018-02-27 09:30:03
scp /var/lib/ambari-server/ambari-sudo.sh
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:03
==========================
Copying common functions script...
==========================
Command start time 2018-02-27 09:30:03
scp /usr/lib/python2.6/site-packages/ambari_commons
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:04
==========================
Copying OS type check script...
==========================
Command start time 2018-02-27 09:30:04
scp /usr/lib/python2.6/site-packages/ambari_server/os_check_type.py
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:04
==========================
Running OS type check...
==========================
Command start time 2018-02-27 09:30:04
Cluster primary/cluster OS family is redhat7 and local/current OS family is redhat7
Connection to node2.jky.com closed.
SSH command execution finished
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:04
==========================
Checking 'sudo' package on remote host...
==========================
Command start time 2018-02-27 09:30:04
Connection to node2.jky.com closed.
SSH command execution finished
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:05
==========================
Copying repo file to 'tmp' folder...
==========================
Command start time 2018-02-27 09:30:05
scp /etc/yum.repos.d/ambari.repo
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:05
==========================
Moving file to repo dir...
==========================
Command start time 2018-02-27 09:30:05
Connection to node2.jky.com closed.
SSH command execution finished
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:05
==========================
Changing permissions for ambari.repo...
==========================
Command start time 2018-02-27 09:30:05
Connection to node2.jky.com closed.
SSH command execution finished
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:06
==========================
Copying setup script file...
==========================
Command start time 2018-02-27 09:30:06
scp /usr/lib/python2.6/site-packages/ambari_server/setupAgent.py
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:06
==========================
Running setup agent script...
==========================
Command start time 2018-02-27 09:30:06
('WARNING 2018-02-27 09:30:14,621 NetUtil.py:116 - Server at https://master.jky.com:8440 is not reachable, sleeping for 10 seconds...
INFO 2018-02-27 09:30:14,621 HeartbeatHandlers.py:115 - Stop event received
INFO 2018-02-27 09:30:14,621 NetUtil.py:122 - Stop event received
INFO 2018-02-27 09:30:14,621 ExitHelper.py:53 - Performing cleanup before exiting...
INFO 2018-02-27 09:30:14,621 ExitHelper.py:67 - Cleanup finished, exiting with code:0
INFO 2018-02-27 09:30:16,903 main.py:223 - Agent died gracefully, exiting.
INFO 2018-02-27 09:30:16,904 ExitHelper.py:53 - Performing cleanup before exiting...
INFO 2018-02-27 09:30:17,196 main.py:90 - loglevel=logging.INFO
INFO 2018-02-27 09:30:17,197 main.py:90 - loglevel=logging.INFO
INFO 2018-02-27 09:30:17,197 main.py:90 - loglevel=logging.INFO
INFO 2018-02-27 09:30:17,198 DataCleaner.py:39 - Data cleanup thread started
INFO 2018-02-27 09:30:17,199 DataCleaner.py:120 - Data cleanup started
INFO 2018-02-27 09:30:17,199 DataCleaner.py:122 - Data cleanup finished
INFO 2018-02-27 09:30:17,252 PingPortListener.py:50 - Ping port listener started on port: 8670
INFO 2018-02-27 09:30:17,254 main.py:349 - Connecting to Ambari server at https://master.jky.com:8440 (192.168.201.13)
INFO 2018-02-27 09:30:17,254 NetUtil.py:62 - Connecting to https://master.jky.com:8440/ca
ERROR 2018-02-27 09:30:17,314 NetUtil.py:88 - [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)
ERROR 2018-02-27 09:30:17,314 NetUtil.py:89 - SSLError: Failed to connect. Please check openssl library versions.
Refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1022468 for more details.
WARNING 2018-02-27 09:30:17,315 NetUtil.py:116 - Server at https://master.jky.com:8440 is not reachable, sleeping for 10 seconds...
', None)
('WARNING 2018-02-27 09:30:14,621 NetUtil.py:116 - Server at https://master.jky.com:8440 is not reachable, sleeping for 10 seconds...
INFO 2018-02-27 09:30:14,621 HeartbeatHandlers.py:115 - Stop event received
INFO 2018-02-27 09:30:14,621 NetUtil.py:122 - Stop event received
INFO 2018-02-27 09:30:14,621 ExitHelper.py:53 - Performing cleanup before exiting...
INFO 2018-02-27 09:30:14,621 ExitHelper.py:67 - Cleanup finished, exiting with code:0
INFO 2018-02-27 09:30:16,903 main.py:223 - Agent died gracefully, exiting.
INFO 2018-02-27 09:30:16,904 ExitHelper.py:53 - Performing cleanup before exiting...
INFO 2018-02-27 09:30:17,196 main.py:90 - loglevel=logging.INFO
INFO 2018-02-27 09:30:17,197 main.py:90 - loglevel=logging.INFO
INFO 2018-02-27 09:30:17,197 main.py:90 - loglevel=logging.INFO
INFO 2018-02-27 09:30:17,198 DataCleaner.py:39 - Data cleanup thread started
INFO 2018-02-27 09:30:17,199 DataCleaner.py:120 - Data cleanup started
INFO 2018-02-27 09:30:17,199 DataCleaner.py:122 - Data cleanup finished
INFO 2018-02-27 09:30:17,252 PingPortListener.py:50 - Ping port listener started on port: 8670
INFO 2018-02-27 09:30:17,254 main.py:349 - Connecting to Ambari server at https://master.jky.com:8440 (192.168.201.13)
INFO 2018-02-27 09:30:17,254 NetUtil.py:62 - Connecting to https://master.jky.com:8440/ca
ERROR 2018-02-27 09:30:17,314 NetUtil.py:88 - [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)
ERROR 2018-02-27 09:30:17,314 NetUtil.py:89 - SSLError: Failed to connect. Please check openssl library versions.
Refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1022468 for more details.
WARNING 2018-02-27 09:30:17,315 NetUtil.py:116 - Server at https://master.jky.com:8440 is not reachable, sleeping for 10 seconds...
', None)
Connection to node2.jky.com closed.
SSH command execution finished
host=node2.jky.com, exitcode=0
Command end time 2018-02-27 09:30:19
Registering with the server...
Registration with the server failed.原因:
这是由于较新的Python 2.7.5版本中的一个缺陷造成的,该缺陷会导致无论证书状态如何,证书验证都失败。
(这是由于Python 2.7.5的新版本中存在缺陷,导致无论证书状态如何,证书验证都失败)。
解决步骤:
注意:作为一种解决方案,我们强烈建议Python不要更新到比Python -2.7.5-48.el*更新的版本。x86_64(或者降级到那个版本,如果更新的话)。
你可以通过python -V或python -c ‘import sys来验证你的版本;print(sys.version)’或yum列表安装了|grep python。您需要确认主要版本是2.7.5,构建版本是2017年2月或更早,完整版本是2.7.5-48或更早。
或者,如果您希望保持在较新的版本上,您可以禁用Python中的证书验证:
sed -i 's/verify=platform_default/verify=disable/' /etc/python/cert-verification.cfg** I solved the problem with this command. You only need to enter this command on both nodes. The screenshot of this article is only executed on the first node, so the second node fails again
(Note: As a solution, we strongly recommend it
Don’t
Update Python to a newer version (or downgrade to it, if updated) than Python-2.7.5-48. el *.x86_64.
You can import sys via Python-v or Python-C ‘; Print (sys.version) ‘or install yum list | grep python. You need to confirm that the primary version is 2.7.5, the version is February 2017 or earlier, and the full version is 2.7.5-48 or earlier.
Or, if you want to keep it in the new version, you can disable certificate validation in Python 🙂
* Through Python-V, I can only check that my Python version is 2.7.5, but I don’t know whether it is 2.7.5-48 or not. Therefore, I can’t reduce the version to 2.7.5-48 according to others’ solution and disable certificate verification intelligently. Hopefully, there is a way to fix the problem by changing the Python version
Problem solving resources:
1.https://interset.zendesk.com/hc/en-us/articles/115011874548–SSL-CERTIFICATE-VERIFY-FAILED-certificate-verify-failed-ssl-c-579-
2.https://community.hortonworks.com/questions/120861/ambari-agent-ssl-certificate-verify-failed-certifi.html
Read More:
- URLError: urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:833)
- How to Fix SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed.
- ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
- Python uses requests to request and reports SSL: CERTIFICATE_VERIFY_FAILED error
- Spark login error unable to verify certificate and certificate host name verification failed
- svn: E230001: Server SSL certificate verification failed: certificate issued
- Idea svn connection https error report: E230001: Server SSL certificate verification failed: certificate issued
- cURL error 60: SSL certificate problem: self signed certificate in certificate chain
- SSL handshake failed: SSL error: illegal key usage detected in the certificate
- python3 request module https certificate verify failed error
- wget Error: ERROR: cannot verify nih.at’s certificate, issued by “/C=US/O=Let‘s Encrypt/CN=R3”
- python:urllib2.URLError urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
- Shell curl command reported an error: (60) SSL certificate problem: self signed certificate
- cURL error 60: SSL certificate problem: unable to get local issuer certificate
- GuzzleHttp cURL error 60: SSL certificate problem: self signed certificate
- [Solved] Error: unable to verify the first certificate
- server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
- Jenkins SVN error Server SSL certificate verification failed: issuer is not trusted
- Git prompt error setting certificate verify locations
- git clone Error: “server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLf…