Step 4: Modify the httpfs-site.xml File
About this task
httpfs-site.xml
file
called httpfs-site.xml.kerberos
. This file resides in
/opt/mapr/httpfs/httpfs-1.0/etc/hadoop
. You must edit this file and
specify the kerberos principal name for the nodes where you are running httpFS, restart the
httpFS server, and then you can test the set-up. Each step is explained here.To set up
the httpfs-site.xml
file for each node running the httpFS service,
follow these steps:
Procedure
-
Assign a new name to the
existing
httpfs-site.xml
file (to preserve the original version when the file gets overwritten in step 2).cp /opt/mapr/httpfs/httpfs-1.0/etc/hadoop httpfs-site.xml httpfs-site.xml.original
-
Copy the kerberos
version (
httpfs-site.xml.kerberos
) to the existinghttpfs-site.xml
file.cp /opt/mapr/httpfs/httpfs-1.0/etc/hadoop httpfs-site.xml.kerberos httpfs-site.xml
-
Edit the
httpfs-site.xml
file and insert the principal name as shown, substituting your fully qualified domain name and realm forperfnode153.perf.lab@mapr.com
.<property> <name> httpfs.authentication.kerberos.principal </name> <value> mapr/perfnode153.perf.lab@mapr.com </value> </property>
-
Restart the httpFS server so the changes will take effect.
sudo -u mapr /opt/mapr/httpfs/httpfs-1.0/sbin/httpfs.sh stop sudo -u mapr /opt/mapr/httpfs/httpfs-1.0/sbin/httpfs.sh start
-
Test that security is in place by entering the following command
to create a file in MapR-FS. The command will fail if security is
not set up correctly.
curl --negotiate -u : -b ~/cookiejar.txt -c ~/cookiejar.txt -i -X PUT "http://perfnode153.perf.lab:14000/webhdfs/v1/user/mapr/some_file?op=MKDIRS"