I am also getting the same issue.. we are on hdp2.3 on ec2.. and used the instructions from the above link.
Once I get a renewable ticket i am able to perform hdfs operations and also launch mr jobs..
Even though hive cli is not via hive server 2.. thats working as well..
When I try to connect via beeline.. I get the same error
I am getting the ticket as my own user.. but I am using hive/<host>@<realm> for the principal..
Just for testing i tried using hives own keytab to get the ticket as well.. did not work..
Lots of articles only suggested to renew token before launching beeline.. did not work
One article suggested to use a different principal and keytab for the hive metastore… did not work
Sasl is enabled as suggested
Here is the /etc/krb5. conf:
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = ABC.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 30m
renew_lifetime = 10h
forwardable = true
udp_preference_limit = 1
[realms]
ABC.COM = {
kdc = localhost
admin_server = localhost
default_principal_flags = +renewable
max_renewable_life = 7d 0h 0m 0s
}
[domain_realm]
.abc.com = ABC.COM
abc.com = ABC.COM