I’m looking for information on how to set up Kerberos on the SnapLogic groundplex for authentication to Cloudera. I want to use Hive account and snap pack. I see this documentation:
https://docs-snaplogic.atlassian.net/wiki/spaces/SD/pages/2015960/How+to+Configure+a+Groundplex+for+CDH+with+Kerberos+Authentication
Is that all there is to it? Or are there more steps?
Hello @PSAmmirata -
Thank you for your question about configuration of Kerberos setup with Snaplogic Groundplex. The steps listed are sufficient to configure groundplex to work with Kerberized Hadoop clusters. Were you able to follow steps and configure the groundplex? Do you see any issues?
Thank you. I haven’t followed the steps yet. I was just checking on the steps before I start.
Excellent! Please let us know if you have any trouble in configuring.
We’re using RHEL7. From what I’ve read the krb5-auth-diaglog package is depracated in RHEL7.
Step 5 says to “Generate the keytab file for the kerberos user.” Does anyone have details on how to do this?
Creating a keytab file is straightforward.
$ ktuil
ktutil: add_entry -password -p principal -k knvo -e enctype
(enter password)
ktutil: write_kt keytabfile
ktutil quit
where
You can verify the new file with ‘klist -kt keytabfile’.
If the server principal does not exist yet:
$ kadmin
kadmin: add_principal principal
kadmin: ktadd -k keytabfile principal
If the server principal already exists:
$ kadmin
kdamin: ktadd -k keytabfile -norandkey principal
where principal is something like “hdfs/172.3.1.7@MYORG.EXAMPLE.COM”.
Step 6/7 refers to a Hadoop (HDFS) configuration directory. We’re using Cloudera and our Cloudera admin said we don’t have a config directory. Can anyone provide details on what directory this is?
We did get this working. Here are some of my notes that may be useful.
