Apache Ambari Release Notes
Also available as:

Known Issues

Ambari 2.7.1 has the following known issues, scheduled for resolution in a future release.

Table 1.3. Ambari 2.7.1 Known Issues

Apache Jira

Hortonworks Bug ID



AMBARI-24781BUG-111968When the ambari server setup-ldap cli is invoked for a second time, the previously configured LDAP values are not suggested as the defaults.

Values must be reconfigured each time the setup-ldap utility is invoked.

http://dev.hortonworks.com.s3.amazon.aws.com/HDPDocuments/HDP3/HDP-3-trunk/ambari-authentication-ldap-ad/content/setting_up_ldap_user_authentication.htmlConfiguring Ambari to authenticate external users

AMBARI-24781BUG-111968The ldap-type option cannot be passed in as a flag for silent configurations. Configure the ldap type interactively. This option is only used to populate the initial defaults for the interactive setup-ldap menu and does not override explicitly configured options.
AMBARI-24781BUG-111968Example values for setup-ldap using IPA do not sync group membership. In the setup-ldap menu, configuring "posixaccount" for User object class and "member" for Group member attribute need to be explicitly set for most IPA installations.

'ambari-server setup-ldap' fails with AttributeError when master_key is not persisted

  1. Installed ambari-server and configured password encryption, but chose not to persist master key:

    Choose one of the following options:
      [1] Enable HTTPS for Ambari server.
      [2] Encrypt passwords stored in ambari.properties file.
      [3] Setup Ambari kerberos JAAS configuration.
      [4] Setup truststore.
      [5] Import certificate to truststore.
    Enter choice, (1-5): 2
    Password encryption is enabled.
    Do you want to reset Master Key? [y/n] (n): y
    Master Key not persisted.
    Enter current Master Key:
    Enter new Master Key:
    Re-enter master key:
    Do you want to persist master key. If you choose not to persist, you need to
    provide the Master Key while starting the ambari server as an env variable
    named AMBARI_SECURITY_MASTER_KEY or the start will prompt for the master key.
    Persist [y/n] (y)? n
    Adjusting ambari-server permissions and ownership...
    Ambari Server 'setup-security' completed successfully.

    Then, export environment variable.


    Then, run LDAP setup with the following settings:

    ambari-server setup-ldap -v
    Review Settings
    Primary LDAP Host (ldap.ambari.apache.org):
    Primary LDAP Port (389):  389
    Use SSL [true/false] (false):  false
    User object class (posixUser):  posixUser
    User ID attribute (uid):  uid
    Group object class (posixGroup):  posixGroup
    Group name attribute (cn):  cn
    Group member attribute (memberUid):  memberUid
    Distinguished name attribute (dn):  dn
    Search Base (dc=ambari,dc=apache,dc=org):  dc=apache,dc=org
    Referral method [follow/ignore] (follow):  follow
    Bind anonymously [true/false] (false):  false
    Handling behavior for username collisions [convert/skip] for LDAP sync (skip):
     skip ambari.ldap.connectivity.bind_dn: uid=hdfs,ou=people,ou=dev,dc=apache,dc=org
    ambari.ldap.connectivity.bind_password: *****
    Save settings [y/n] (y)? y
  2. Issues:

    1. Master Key generation fails:

      INFO: Loading properties from /etc/ambari-server/conf/ambari.properties
      Traceback (most recent call last):
        File "/usr/sbin/ambari-server.py",
      line 1060, in <module> mainBody()
        File "/usr/sbin/ambari-server.py",
      line 1030, in mainBody main(options, args, parser)
        File "/usr/sbin/ambari-server.py",
      line 980, in main action_obj.execute()
        File "/usr/sbin/ambari-server.py",
      line 79, in execute self.fn(*self.args, **self.kwargs)
        File "/usr/lib/ambari-server/lib/ambari_server/setupSecurity.py",
      line 860, in setup_ldap encrypted_passwd = encrypt_password(LDAP_MGR_PASSWORD_ALIAS, mgr_password, options)
        File "/usr/lib/ambari-server/lib/ambari_server/serverConfiguration.py",
      line 858, in encrypt_password return get_encrypted_password(alias, password, properties, options)
        File "/usr/lib/ambari-server/lib/ambari_server/serverConfiguration.py",
      line 867, in get_encrypted_password masterKey = get_original_master_key(properties, options)
        File "/usr/lib/ambari-server/lib/ambari_server/serverConfiguration.py",
      line 1022, in get_original_master_key if options is not None and options.master_key is not
       None and options.master_key:
      AttributeError: Values instance has no attribute 'master_key'
      [root@ctr-e138-1518143905142-473336-01-000002 ~]#
    2. Repeated prompt for Master Key, despite providing correct value.

    3. Returns an incorrect master key value and the shell repeats printing "ERROR: ERROR: Master key does not match." and scrolls the page

  3. The issues are seen when master key is not persisted as part of the initial password encryption step.

Persist the master key BEFORE setting up LDAP.


BUG-109436Upgrade History page is blank after a cluster is upgraded multiple timesNo known workaround.

YARN Timeline Service V 2.0 Reader component stops after a patch upgrade of the service HBase from HDP 3.0.0 to HDP 3.0.1.

Manually start the YARN Timeline Service V 2.0 Reader component.
AMBARI-24536BUG-109839When SPNEGO is enabled (`ambari-server setup-kerberos`), the SSO (`ambari-server setup-sso`) redirect no longer works.No known workaround. Do not enable both kerberos and SSO using ambari-server setup.
N/ABUG-111345This issue only applies when performing a "minor" Apache Ambari rolling upgrade from HDP-3.0.0 to HDP-3.0.1. After performing a rolling upgrade, some Apache Spark2 components may not start. Select Spark2 > Configs > Custom spark2-thrift-sparkconf and add the following properties: spark.yarn.keytab and spark.yarn.principal. Set the value of these properties to match the values of the spark.history.kerberos.keytab and spark.history.kerberos.principal properties in Spark2 > Configs > Advanced spark2-defaults. Click Save, then restart Spark and any other services that require a restart.