Step 4: Modify the httpfs-site.xml File
About this task
httpfs-site.xml file
called httpfs-site.xml.kerberos. This file resides in
/opt/mapr/httpfs/httpfs-1.0/etc/hadoop. You must edit this file and
specify the kerberos principal name for the nodes where you are running httpFS, restart the
httpFS server, and then you can test the set-up. Each step is explained here.To set up
the httpfs-site.xml file for each node running the httpFS service,
follow these steps:
Procedure
-
Assign a new name to the
existing
httpfs-site.xmlfile (to preserve the original version when the file gets overwritten in step 2).cp /opt/mapr/httpfs/httpfs-1.0/etc/hadoop httpfs-site.xml httpfs-site.xml.original -
Copy the kerberos
version (
httpfs-site.xml.kerberos) to the existinghttpfs-site.xmlfile.cp /opt/mapr/httpfs/httpfs-1.0/etc/hadoop httpfs-site.xml.kerberos httpfs-site.xml -
Edit the
httpfs-site.xmlfile and insert the principal name as shown, substituting your fully qualified domain name and realm forperfnode153.perf.lab@mapr.com.<property> <name> httpfs.authentication.kerberos.principal </name> <value> mapr/perfnode153.perf.lab@mapr.com </value> </property> -
Restart the httpFS server so the changes will take effect.
sudo -u mapr /opt/mapr/httpfs/httpfs-1.0/sbin/httpfs.sh stop sudo -u mapr /opt/mapr/httpfs/httpfs-1.0/sbin/httpfs.sh start -
Test that security is in place by entering the following command
to create a file in MapR-FS. The command will fail if security is
not set up correctly.
curl --negotiate -u : -b ~/cookiejar.txt -c ~/cookiejar.txt -i -X PUT "http://perfnode153.perf.lab:14000/webhdfs/v1/user/mapr/some_file?op=MKDIRS"