You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ambari.apache.org by "Aleksandr Kovalenko (JIRA)" <ji...@apache.org> on 2013/10/25 18:26:31 UTC

[jira] [Created] (AMBARI-3592) Reassign Master(secure cluster): Display principal and keytab path creation as a required manual step.

Aleksandr Kovalenko created AMBARI-3592:
-------------------------------------------

             Summary: Reassign Master(secure cluster): Display principal and keytab path creation as a required manual step.
                 Key: AMBARI-3592
                 URL: https://issues.apache.org/jira/browse/AMBARI-3592
             Project: Ambari
          Issue Type: Task
          Components: client
    Affects Versions: 1.4.2
            Reporter: Aleksandr Kovalenko
            Assignee: Aleksandr Kovalenko
             Fix For: 1.4.2


If the cluster is detected to be a kerberos secure cluster, we should add an informative message about creating appropriate keytab. There is already a step in the wizard that displays manual steps for HDFS components reassignment. We can add this message over there. For ResourceManager reassignment, we will require a manual step page to display this information.

Cluster security status can be retrieved from hadoop.security.authentication property in core-site.xml and if value found is kerberos, add appropriate message. Example: 
*For NameNode reassignment:*
 Note: 
# Keytab file <dfs.namenode.keytab.file value> containing principal <dfs.namenode.kerberos.principal value with _HOST substituted with real target host hostname> should exist on <target host hostname>. 
# Keytab file <dfs.web.authentication.kerberos.keytab value> containing principal <dfs.web.authentication.kerberos.principal value with _HOST in the value substituted with real target host hostname > should exist on <target host hostname>




--
This message was sent by Atlassian JIRA
(v6.1#6144)