Configuring and enabling Kerberos for Hadoop
In this recipe, we will be configuring Kerberos for a Hadoop cluster and enabling the authentication of services using tokens. Each service and user must have its principal created and imported to the keytab files. These keytab files should be available to the Hadoop daemons to read the passwords and perform operations.
It is assumed that the user has completed the previous recipe "Kerberos Server Setup" and is comfortable using Kerberos.
Getting ready
Make sure that the user has a running cluster with HDFS or YARN fully functional in a multinode cluster and a Kerberos server set up.
How to do it...
- The first thing is to make sure all the nodes are in sync with time and DNS is fully set up.
- On each node in the cluster, install the Kerberos workstation packages using the following commands:
# yum install -y krb5-libs krb5-workstation - Connect to the KDC server
rep.cluster1.comand create a host key for each host in the cluster, as shown in the...
