Search This Blog

Enabling debug logs in Apache Hadoop and Hortonworks Data Platform

To trouble shoot hadoop issues we need to have debug logs to get more low level default debug logs are not enabled in Hortonworks data platform and in plain hadoop also.
In this post,we will discuss how to enable debug logs in HDP and plain hadoop.

1. Modify /var/lib/ambari-server/resources/stacks/HDP/2.0.6/hooks/after-INSTALL/templates/

In HDP,we need to add below line to to enable debug logs on HDFS services.


If you are using Plain hadoop you can directly add above line to /etc/hadoop/conf/ file in all nodes and restart HDFS deamons on all nodes.
If you are using Hortonworks Data Platform ,You need to follow below steps.

2. Restart Ambari agents on all nodes

We need to restart ambari agent on all master nodes,data nodes and edge nodes if any. We need to run below command for restarting.

service ambari-agent restart.

Or we can stop and start ambari agent.

service ambari-agent stop
service ambari-agent start

3. Restart Ambari server

We also need to restart ambari server on first master.We can run below command.

service ambari-server restart

Or we can stop and start ambari server.

service ambari-server stop
service ambari-server start

4. Restart HDFS services

In Ambari UI ,Click on HDFS , click service actions drop down and select restart all option.It will ask for confirmation once you confirm, it will restart all HDFS daemons.

Once debug logs are enabled you can check them in name node logs and data node logs.Debug logs consume lot of space you need to disable them once you collect required logs. to disable remove added export command and restart above mentioned services.

Fixing HDFS issues

fsck command scans all files and directories in HDFS for errors and abnormal conditions.  This has to be run by administrator periodically and also name node runs it and fixes most of the issues periodically.

Below is the command syntax and it needs to be run as hdfs user.

hdfs fsck <path>

We can specify root (/) directory to check for errors on complete HDFS or we can specify directory to check for errors in it.

fsck report contains

Displays under-replicated blocks,over-replicated, mis-replicated and corrupt blocks.

Displays number of total files and directories available in HDFS. 

Default replication factor and available average replication factor .

Number of data nodes and number of racks are also displayed in fsck report.

Finally it displays file system status as healthy or corrupt.

fsck final status needs to be healthy, If it is corrupt it needs to be fixed by either administrator or most of issues will be fixed by name node automatically over a period of time.

Below is sample fsck output.

hdfs fsck /

Total size:    466471737404 B (Total open files size: 27 B)

 Total dirs:    917
 Total files:   2042
 Total symlinks:                0 (Files currently being written: 3)
 Total blocks (validated):      4790 (avg. block size 97384496 B) (Total open file blocks (not validated): 3)
  CORRUPT FILES:        9
  MISSING SIZE:         315800 B
 Minimally replicated blocks:   4781 (99.81211 %)
 Over-replicated blocks:        0 (0.0 %)
 Under-replicated blocks:       4274 (89.227554 %)
 Mis-replicated blocks:         0 (0.0 %)
 Default replication factor:    3
 Average block replication:     2.0885177
 Corrupt blocks:                9
 Missing replicas:              4280 (29.944729 %)
 Number of data-nodes:          3
 Number of racks:               1
FSCK ended at Sun Mar 20 12:52:45 EDT 2016 in 244 milliseconds

The filesystem under path '/' is CORRUPT

under replicated blocks
over replicated blocks

dfs.replication in hdfs-site.xml specifies required number of replicas for a block on cluster. If number of replicas are less than that they are called under replicated blocks. This might happen when data nodes go down. If number of replicas are higher than that they are called over replicated blocks. Over replicated blocks might happen when crashed data nodes come back to normal.

under and over replicated blocks can be addressed with setrep command or name node will fix it after some point of time.

hdfs dfs -setrep -w 3 /path

  1. If you have 2 replicas but required 3 replicas,set replication factor 3. and also if you have 4 replicas but required 3 then also set replication factor 3.
  2. Run balancer ,some times it should also fix it.
  3. Copy under/over replicated file to different location and remove that under/over replicated file. Now rename copied file to original name. You need to be careful to use this trick.If you remove under/over replicated file,Jobs using that file might fail.
After replication factor is set, Use hdfs dfs -ls command on the file that also displays replication factor.

Corrupted blocks

We  should delete corrupted files and we can set appropriate replucate factor after that.
We need to use hdfs fsck / -delete command to delete corrupted files.

We can check corrupted blocks using  hdfs fsck / -list-corruptfileblocks command.

Missing blocks

    --find out which node has missing blocks and check if data node is running or not if possible try with data node restart. we can check data node status from active name node UI or run jps command on all data nodes to check if data node is running or not.

Administrator has to run fsck command reguralry to check hadoop file system for errors. and He has to take necessary actions against errors to avoid data loss.

fsck command has several options,Some of them are


     It displays files of directory.

hdfs@cluster10-1:~> hdfs fsck / -files
/user/oozie/share/lib/sqoop/commons-io-2.1.jar 163151 bytes, 1 block(s):  OK


       It displays blocks information.

hdfs@cluster10-1:~> hdfs fsck / -files -blocks
/user/oozie/share/lib/sqoop/oozie-sharelib-sqoop- 7890 bytes, 1 block(s):  OK
0. BP-18950707- len=7890 repl=3

               It displays nodes host name where blocks are stored.

hdfs@cluster10-1:~> hdfs fsck / -files -blocks -locations
/user/oozie/share/lib/sqoop/sqoop- 819248 bytes, 1 block(s):  OK
0. BP-18950707- len=819248 repl=3 [,,]

               It deletes corrupted blocks. We need to run it when we find corrupted blocks in the cluster.


                      Displays files opened for writing.


                                  It displays only corrupted blocks for given path.

hdfs fsck / -list-corruptfileblocks
Connecting to namenode via http://cluster10-1:50070
The filesystem under path '/' has 0 CORRUPT files

Checking specific information

If we want to see specific type of files in fsck report we need to use grep command on fsck report.
If we want to see only under replicated blocks we need to grep like below.

hdfs fsck / -files -blocks -locations |grep -i "Under replicated"

/data/output/_partition.lst 297 bytes, 1 block(s):  Under replicated BP-18950707- Target Replicas is 10 but found 4 replica(s).

We can replace under replicated with corrupt to see corrupt files.

hdfs@cluster10-1:~> hdfs fsck / -files -blocks -locations|grep -i corrupt
Connecting to namenode via http://cluster10-2:50070
/apps/hbase/data/corrupt <dir>
/data/output/part-r-00004: CORRUPT blockpool BP-18950707- block blk_1073778646
/data/output/part-r-00008: CORRUPT blockpool BP-18950707- block blk_1073778648
/data/output/part-r-00009: CORRUPT blockpool BP-18950707- block blk_1073778649
/data/output/part-r-00010: CORRUPT blockpool BP-18950707- block blk_1073778650
/data/output/part-r-00016: CORRUPT blockpool BP-18950707- block blk_1073778654
/data/output/part-r-00019: CORRUPT blockpool BP-18950707- block blk_1073778659
/data/output/part-r-00020: CORRUPT blockpool BP-18950707- block blk_1073778660
/data/output/part-r-00021: CORRUPT blockpool BP-18950707- block blk_1073778661
/data/output/part-r-00026: CORRUPT blockpool BP-18950707- block blk_1073778663

  CORRUPT FILES:        9
 Corrupt blocks:                9

The filesystem under path '/' is CORRUPT

Above command displays complete information. If we want only file path,we need to use AWK.

hdfs fsck / -files -blocks -locations |grep -i "Under replicated"|awk -F " " '{print $1}'
Connecting to namenode via http://cluster10-1:50070

as we have discussed we can set replication factor using setrep command to fix under replicated blocks.when we have so many under-replicated blocks it is difficult to run setrep command on all files.
To avoid manual setting,write all under replicated files path to a file and write a shell script that sets replication factor for all files.

hdfs fsck / -files -blocks -locations |grep -i "Under replicated"|awk -F " " '{print $1}' >>underreplicatedfiles

Happy Hadooping.

Your Hadoop job might fail due to invalid gzip files

We can use compressed data formats like gzip ,bzip2 and LZO in Hadoop. Gzip is not splittable and is suitable for small files.bzip2 is splittable,though lzo is by default not splittable we can make it splittable.I have seen many people also using gzip files in hadoop. If you have any corrupt gz files ,your job will fail.It is good idea to test gz files for errors before submitting a job.

gzip command comes with t option that will test existing gz file and If no errors found in file ,no message is thrown.

hdfs@cluter10-1:~> gzip -t test.txt.gz


If any errors are found it will throw them on console.

hdfs@cluter10-1:~> gzip -t test.gz

gzip: test.gz: not in gzip format

We can even check files that are available in HDFS for errors.

hdfs@cluter10-1:~> hdfs dfs -cat /data/sample/test.txt.gz|gzip -t

You might have so many gz files in a folder then It is time taking process to test them individually.
We can write small script to check all gz files in a directory for errors . 

First line Take all files from given directory using AWK command that picks 8 occurrence after applying space delimiter. and all files are passed to for loop.

for i in `hdfs dfs -ls gz/*|awk -F" " '{print $8}'`
echo "checking $i"
hdfs dfs -cat $i|gzip -t

Third line prints file that is being checked now. and Fourth line actually checks file for errors. If your hadoop job fails with file related errors and you have gz files , then this article is useful.

Below error might be related to invalid gz files.

createBlockOutputStream Premature EOF: no length prefix available

Hope this small script is useful for you.

Happy Hadooping.

Analysis of Cloudera customer case studies

Cloudera is a leading big data vendor in the world. It is providing Hadoop support and training services to it's customers.  I always used to think how big data customers are deciding a vendor.
So for fun, I have downloaded all customer case studies of Cloudera . And I did analysis to generate a report about what they are saying in case study.

I have categorized case study text into four topics.

1). What are most commonly mentioned benefits for Cloudera?
2). What were they mostly using before Hadoop? Of course some business use cases are new ones.
3). What is mostly used technology in Cloudera customers?
4). Which Domains  customers  are mostly using Cloudera services?

Domains :

Cloudera  customers are from domains health care, BFSI, Digital marketing ,education and security etc..

So most of the customers are from below three domains.

Heath Care
Digital marketing

It is good to know that second most customers are from health care domain. Some thing good happening to humans with big data. Interesting use case is real time monitoring of kids in hospitals. Seems Nationl Children hospital has improved patient care for kids using hadoop .

Migration :
                    many customers did not mention what they were using before hadoop. And some customers have fresh use cases for hadoop. Some customers mentioned below technologies as their old technology stack.

Data Warehouse

Many customers say their rdbms could not deal with big data. Customers mentioned they were using Oracle,SQL Server,DB2 and MySQL.

Mostly used technology :

Cloudera customers say they are using batch processing ,real time ,ETL and visualization tools of hadoop eco system.

Mostly mentioned technologies are :

Surprised to know most of the customers say they are using Hive ,Flume ,Mapreduce and HBase.

Benefits :

Let us see why customers  are choosing Cloudera over others.

Seems Hadoop itself is a cost-effective solution. Though Cloudera is relatively costlier than Mapr and Hortonworks. Still customers say it is cost-effective ,I think they are comparing against data warehouse and other solutions. Cloudera is also well know for training and support services.

Hope this is useful for you. Please check about MapR here.

Analysis of MapR customer case studies

For fun, I just wanted to do analysis of vendors like MapR,Hortonworks and Cloudera. So started with MapR. I am interested to know what benefits customer are getting or expecting from a vendor? 

Tools they are implementing. 

Domains of the customer .

Migration if they are doing any.

And other benefits.

I have downloaded customer case studies from their official website and analyzed all of them to come with below reports.

Domains :

MapR customers are from almost all domains but most of them are from digital marketing and health care.
Digital marketing has more number of customers. Next is health care domain.

Digital marketing.
Health Care.

Mostly Used Tool :

I have seen many of customers have use cases for real time analytics in MapR customer list. seems MapR-DB is able to attract many customers .Customers also using storm ,Kafka and Spark.
Below are three mostly used tools in MapR customers, MapR-DB is number one next comes Mapreduce and Kafka.


I would like to know why and how customers are choosing vendors .Most of MapR customers mentioned below three benefits. seems MapR has established unique brand with them.

NFS Support
Better performance

NFS is the unique feature customers getting from MapR.

Migration :

It is always interesting to know what were customers using before Hadoop. Though many use cases are fresh ones. Many of the customers mentioned they migrated their technology stack from RDBMS to Hadoop.Oracle and SQL Server are mostly mentioned technologies.


Hope this is useful for you. Please check about Cloudera here.

Hadoop eco system books to read

Even though Hadoop is a 10 years old technology still you will find less number of resources to learn it. They are different reasons for that. One of them is , Hadoop is rapidly changing technology and many people might have not tried all features of it. and some times It is also not ready for enterprise use cases.

I would like to put list of Hadoop eco system books at one place in this article.

Hadoop The definitive guide :

First and fore most important book every body should read on Hadoop is Hadoop the definitive guide. It not only covers HDFS and Mapreduce but also mapreduce abstractions like cascading,hive and pig too. Apart from that it covers both aspects development and administration of technology .It also has latest features covered in latest edition. It also covers certification syllabus for both Hortonworks and Cloudera. Book is organised well and covers quality content and examples.
However if you want to have complete understanding of a specific tool .Then you may have to check another book on that tool. This book covers all features of HDFS and Mapreduce but only core features of other tools in eco system. Spark is also covered in latest edition.

Hadoop in practise :

This book covers in depth topics of HDFS and Mapreduce with very good coding examples.
Apart from HDFS and Mapreduce ,It also covers SQL tools like Hive , Impala and Spark SQL.

Hadoop operations

This book is very good book on administration operations.It covers installation and configuration of hadoop daemons. Operating system  and Network details are also covered as part of cluster planning topics. This is a small book but covers quality content on administration.
for administration you may be interested to refer this book along with Hadoop definitive guide.

Eco system tools:

This is a very good book on Apache Hive . It almost covers all topics of Hive. Best part is It also covers most difficult features of hive in an understandable explanation.If you want to master UDFs and UDAFs , You can depend on it.

Small book covers Apache Pig. Author has very good experience on Apache Pig. Editorial work is not done properly.There is a scope for improvement in this book. 

Cascading is most useful tool in hadoop eco system. It has very good documentation on its home page. To know more practical applications and different analytical capabilities  of Cascading framework, This book is very useful.

If you want to know, why or where RDBMS is not relevant in big data applications and How HBase addresses the problems of big data , is well covered in this book.  It is useful for both development and administration of Hbase.

Below are other books available on utility tools like Sqoo, Oozie and Flume. I have not read these books also we do not have options for them as of now.

Apache Sqoop Cookbook :

Apache Oozie : the Workflow scheduler for Hadoop

Using Flume : Flexible, Scalable ad Reliable Data Streaming

Prerequisite for learning Apache Hadoop

Apache Hadoop is a framework, that is used for processing large data sets on commodity hardware.
It has two core modules ,HDFS and Mapreduce. HDFS is used for data storage and Mapreduce is used for data processing. Hadoop has became de facto standard for processing large data sets.
As it is widely used in the companies ,now a days, every body is trying to learn Apache Hadoop .
In this article ,I will discuss prerequisites for learning Hadoop.

Hadoop eco system has so many tools and growing fast day by day.Main tools are HDFS and Mapreduce. Both are written in Java. Many technologies are written on top of Mapreduce. For example Apache Hive ,Apache Pig,Cascading and Crunh etc..These technologies also developed using Java. Apache HBase is a NOSQL Database .Apart from these ,we also have small tools like Apache SQOOP and Apache Oozie. These too written using Java.

Below Skill set is required for learning Apache Hadoop.

Programming Language:

Most of the technologies in Hadoop Eco system are written using Java . Hadoop also has support for several programming languages.  We can use AWK and SED as part of Streaming. C/C++ can be used as part of Pipes. Python can also be used for data processing ,again Streaming can support it.
Java is widely used in Hadoop.Python is also often used . Scala is also used after of success of Spark.


Apache Hive query language is almost same as ANSI SQL. Apache Pig has many commands similar to sql .For example ,order by ,group by and joins also available in Apache Pig. Similarly Same commands are also available in Casscading. of course they are Java classes in it.HBase too has some commands similar to SQL commands.Not only Hadoop eco system tools but also many big data tools provide SQL interface so that people can easily learn it.Cassandra is also same as SQL.

Operating System:

You need to have good OS skills. Most of the time, Unix based operating systems are used in production. So if you know any Unix based OS ,Your day to day life will become easy.If you also know shell script You can achieve good productivity.


 Apache Sqoop has simple commands ,One can easily learn it. Apache Oozie applications are written using XML files. and almost every technology comes with REST API. and some REST APIs give JSON output. as all of these tools are build for parallel computing, It is better have an understanding about different parallel computing technologies.  Last but not least ,one needs to have good debugging/trouble shooting skills to resolve one's day to day issues . Otherwise you may spend several days on a single problem.
Feel free to contact me if you have any other questions.

Introduction to Apache Knox

Hadoop Eco System has many tools as you already know.Some of them are HDFS , Hive, Oozie and Falcon etc.All these tools provide  REST API so that other tools can communicate with them. Every tool will have hostname and port number as part of their REST API URL.With respect to security , It is not good practice to expose internal host names and port numbers. Some body might try to attack using them.

To address this problem , we have a security tool called Apache Knox. Apache Knox is a REST API based gateway security tool that provides perimeter security for all Hadoop services.

Apache Knox hides REST API URLs of  all hadoop services for external hadoop clients.They will only use REST API provided by Apache Knox . Knox will delegate external hadoop client requests to corresponding hadoop services. And before delegating hadoop client requests , Knox provides all security services configured on the cluster.

Below are some more important points of Apache Knox.
  • Demo LDAP is by default available for Apache Knox.
  • Kerberos is optional for Apache Knox but can easily be integrated with knox. 
  • External clients need not remember all REST API URLs of all hadoop services.
  • Provides Audit log
  • Provides authorization even including service level authorization 


Difference between Apache Hive and Apache Pig

MapReduce follows key-value programming model. It has two core stages Map and Reduce.
Both Map and Reduce have key-value as an input and key-value as an output. To write Map Reduce applications ,we need to know one programming language like Java.
These MapReduce applications will have a Map program , a reduce program and a driver program to run map and reduce programs.We need to create a jar containing these programs to process the data.

This Mapreduce has lengthy development time and may not be suitable for situations like adhoc querying. That is one of the reasons there are so many abstractions available for Mapreduce.
For example Cascading, Apache Crunch, Apache Hive and Apache Pig etc...All of these hide key-value complexity for developer. We will now discuss differences between Apache Hive and Apache Pig.

Apache Hive       VS   Apache Pig

Types of Data they support

Apache Hive :  

Hive is a scalable data warehouse on top of Apache Hadoop. As data is available in tables it only supports structured data . processing semi structured data is difficult and processing unstructured data is very very difficult.

Apache Pig :

Pig is a platform for processing large data sets. Its query language is called Pig latin. Pig latin can process structured ,semi structured and unstructured data.

Programming model

Apache Hive :  Hive query language is declarative programming language. It is not easy to build complex business logic.

Apache Pig : Pig Latin is an imperative programming language , You can easily write complex business logic.


Apache Hive :   Hive has a component called HCatalog that provides cross platform schema.
It also has Rest API called WebHCatalog. So You can integrate any tool with Apache Hive.
Already Teradata, Aster Data got integrated with apache Hive. Even Pig can process data using WebHCatalog.

Apache Pig : It does not have any such feature. Because it is processing platform not a storage platform.


Apache Hive : We can debug hive queries but not that easy.

Apache Pig : Pig Latin is a data flow language It is designed keeping debugging feature in mind.

So We can easily debug Pig Latin scripts.


Both can be easily learned . Hive is almost same as SQL. Pig Latin also looks like SQL .

One can easily learn hive and start writing queries to process data.

Industry Adoption

Apache Hive : It is more widely used in the industry than Apache Pig. 

Adhoc Querying

Both can be used for adhoc querying Hive is more suitable than Pig if it is structured data.

Complex Business logic

If you have to develop applications that have so much business complexity. It is better to use Apache Pig rather than using Hive.

Pig is widely used in research applications than Hive for the same reason.

Let me know if you want to compare these two for any other use-case.

Error Categories in Apache Pig

When you are working on Apache Pig you might see some error codes with some error description.
I would like to discuss those error codes categories so that It becomes easy to progress  for error resolution.

Apache Pig categorizes error codes into four groups . They are INPUT,BUG,USER ENVIRONMENT and REMOTE ENVIRONMENT.

If error code is greater than or equals to 100 and less than or equals to 1999 ,They fall in INPUT group.

For Example :

Error code 1000 is thrown if Pig Latin script input is not parse-able.

and also Error Code 1005 is thrown when we are trying to describe relation which does not have  a n input schema.

If error codes is greater than or equals to 2000 and less than or equals to 2999. They fall under BUG group. all of these are run time errors .

For example Error Code 2009 is thrown when copy operation is failed .

If error codes is greater than or equals to 3000 and less than or equals to 4999. They fall under USER ENVIRONMENT group.

For example : Error code 4002 is thrown when program fails to read data from a file. because there is a problem in User environment.

If error codes is greater than or equals to 5000 and less than or equals to 6999. They fall under REMOTE ENVIRONMENT group.

For example error code 6002 is thrown when out of memory occurs on cluster.