Issues in kerberos login on azure cluster

[Davide Vergari <ve...@gmail.com>]

Hi all,
I'm having some issues trying to authenticate myself on a kerberized
cluster hosted on azure.

Cluster is reachable via the internet using public IP address and DNS
resolution in the form of hdpmaster[01-03].mydomain.com and hdpslave[01-12].
mydomain.com, but internally I configured /etc/hosts to use private ip
(with the same FQDN I use for external IP addresses).

Until cluster used simple authentication I had no problem connecting to it
using Java, but now that it is kerberized I'm getting the following error:

2018-05-14 11:00:53 DEBUG AbstractRpcClient:359 - Use KERBEROS
authentication for service MasterService, sasl=true
2018-05-14 11:00:53 DEBUG AbstractRpcClient:729 - Not trying to connect to
hdpmaster02.mydomain.com/XX.XXX.XXX.XX:16000 this server is in the failed
servers list
2018-05-14 11:00:53 ERROR MakeSnapshot:109 - Failed after attempts=2,
exceptions:

where XX.XXX.XXX.XX is my external IP provided by Azure.

If I upload the jar on a VM inside the virtual network, with the hosts file
resolving to the private ip, it works.

Is there a way or a configuration to let this works? Or do I need to use
different FQDN for the internal and external IP resolution and then add
multiple ticket to the kerberos keytab of master and RS?

Thank you