- PHD 1.1.1
- KRB5_TRACE only works on Kerberos 1.9.0+.
- Pivotal HDB 1.1.4 and above
How to enable kerberos trace logging with HDB to identify any kerberos issue?
Step 1: Edit /usr/local/hawq/greenplum_path.sh file to include the below entry:
export KRB5_TRACE=<File Name>
Note: Donot use /dev/out instead of filename above, it will slow down the initialization process and also, messages would not be available for future references
Enabling KRB5_TRACE will send tracing information for kinit to the specified file.
Step 2: Source greenplum_path.sh file
Step 3: Continue initializing / restarting HDB
Now you can refer to the file created and review any kerberos errors encountered.
On the master node, once HDB is restarted, run the following command:
grep -a --color -e KRB5 /proc/$(pgrep -f -- "-M master")/environ
This will output the environment variables for HDB master. The variable KRB5 will be highlighted.