You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Sumit Gupta (JIRA)" <ji...@apache.org> on 2014/10/15 22:40:33 UTC
[jira] [Created] (AMBARI-7799) Add Knox kerberos setup to the
existing Ambari security capabilities
Sumit Gupta created AMBARI-7799:
-----------------------------------
Summary: Add Knox kerberos setup to the existing Ambari security capabilities
Key: AMBARI-7799
URL: https://issues.apache.org/jira/browse/AMBARI-7799
Project: Ambari
Issue Type: Task
Components: stacks
Affects Versions: 1.7.0
Reporter: Sumit Gupta
Documentation for setting up Knox to use kerberos can be found here:
http://knox.apache.org/books/knox-0-5-0/knox-0-5-0.html#Secure+Clusters
To summarize some of the things that need to be done besides the keytab creation:
1. the krb5 conf files need to be created and templated to work with the cluster setup.
2. gateway-site.xml needs to be modified to enable security and point to the krb5 conf files
3. Other services that Knox is configured to work with may also need some configuration changes. Specifically, core-site.xml, webhcat-site.xml and oozie-site.xml all need to be modified to setup Knox as a trusted proxy
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)