[
https://issues.apache.org/jira/browse/AMBARI-3592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13805466#comment-13805466
]
Aleksandr Kovalenko commented on AMBARI-3592:
---------------------------------------------
committed to trunk
> Reassign Master(secure cluster): Display principal and keytab path creation
> as a required manual step.
> ------------------------------------------------------------------------------------------------------
>
> Key: AMBARI-3592
> URL: https://issues.apache.org/jira/browse/AMBARI-3592
> Project: Ambari
> Issue Type: Task
> Components: client
> Affects Versions: 1.4.2
> Reporter: Aleksandr Kovalenko
> Assignee: Aleksandr Kovalenko
> Fix For: 1.4.2
>
> Attachments: AMBARI-3592.patch
>
>
> If the cluster is detected to be a kerberos secure cluster, we should add an
> informative message about creating appropriate keytab. There is already a
> step in the wizard that displays manual steps for HDFS components
> reassignment. We can add this message over there. For ResourceManager
> reassignment, we will require a manual step page to display this information.
> Cluster security status can be retrieved from hadoop.security.authentication
> property in core-site.xml and if value found is kerberos, add appropriate
> message. Example:
> *For NameNode reassignment:*
> Note:
> # Keytab file <dfs.namenode.keytab.file value> containing principal
> <dfs.namenode.kerberos.principal value with _HOST substituted with real
> target host hostname> should exist on <target host hostname>.
> # Keytab file <dfs.web.authentication.kerberos.keytab value> containing
> principal <dfs.web.authentication.kerberos.principal value with _HOST in the
> value substituted with real target host hostname > should exist on <target
> host hostname>
--
This message was sent by Atlassian JIRA
(v6.1#6144)
