Create a Kerberos Principal and a keytab File for Sqoop2
About this task
Follow these steps to create Kerberos principals and keytab files for Sqoop2. When
you perform the configuration steps:
- Replace <FQDN> with the FQDN of the server. To determine this value,
run
hostname -f
in the command line. - Replace <REALM> with the realm name in
krb5.conf
file which is generated when you install the KDC server on the cluster.
NOTE: Skip this task if you are not using Sqoop2.
Procedure
-
Using the
kadmin
program, run the following commands to create principals for Sqoop 2:
Kerberos uses the principal HTTP/<FQDN>@<REALM> for communication between Sqoop2 client and Sqoop2 server. The principal mapr/<FQDN>@<REALM> is the Sqoop2 user that communicates between Sqoop2 server and MapR-FS.addprinc -randkey HTTP/<FQDN>@<REALM> addprinc -randkey mapr/<FQDN>@<REALM>
-
Using the
kadmin
program, run the following commands to create keytabs for the principals:xst -k /opt/mapr/conf/mapr.keytab HTTP/<FQDN>@<REALM> xst -k /opt/mapr/conf/mapr.keytab mapr/<FQDN>@<REALM>