Repository: ambari Updated Branches: refs/heads/branch-1.7.0 97399ce0a -> 295633ba8
Revert "AMBARI-7824. Slider View: Unable to create app when cluster is secured - keytab doesnt exist. Doc updates (srimanth)" This reverts commit 25d0b121e9552ef86f4036e3272f02a375f6ff77. Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/69b123a5 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/69b123a5 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/69b123a5 Branch: refs/heads/branch-1.7.0 Commit: 69b123a58102948defa1c3a07cc1635407a51bd8 Parents: 97399ce Author: Alex Antonenko <[email protected]> Authored: Fri Oct 17 17:19:36 2014 +0300 Committer: Alex Antonenko <[email protected]> Committed: Fri Oct 17 17:19:36 2014 +0300 ---------------------------------------------------------------------- contrib/views/slider/docs/index.md | 33 +-------------------------------- 1 file changed, 1 insertion(+), 32 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/69b123a5/contrib/views/slider/docs/index.md ---------------------------------------------------------------------- diff --git a/contrib/views/slider/docs/index.md b/contrib/views/slider/docs/index.md index bd23d14..0c9132c 100644 --- a/contrib/views/slider/docs/index.md +++ b/contrib/views/slider/docs/index.md @@ -80,35 +80,4 @@ From *Ambari-Admin* create a *Slider Apps View* with the below parameters popula * slider.security.enabled = true * view.kerberos.principal = `view-principal` -* view.kerberos.principal.keytab = `/etc/security/keytabs/view-principal.headless.keytab` - -#### Step-5 Create *Kerberos* principal for *slider.user* -We need to provide a *Kerberos* identity for the user identified in *slider.user* view parameter. - -The *slider.user* view parameter has the following interpretations: - -* If the parameter is left blank, it means the user *yarn*. -* If it is `${username}`, it is the user logged into Ambari. -* Else, it is exact name of the user. - -We shall assume the user as `slider-user`. In a secured cluster this user has to actually exist on all the hosts. The user should also have an *uid* greater than 1000. - -On the machine where *KDC Server* is hosted, create user principal by running below command - -``` -kadmin.local -q "addprinc -randkey [email protected]" -``` -Next, extract keytab file - -``` -kadmin.local -q "xst -k /path/to/keytab/slider-user.headless.keytab [email protected]" -``` -The keytab file should then be copied over to the keytabs location on the host where the view is hosted. - -``` -cp /path/to/keytab/slider-user.headless.keytab /etc/security/keytabs/ -``` - -Change file permissions so that only necessary users can access it. - -**Make sure that `slider-user` keytab is at /etc/security/keytabs/`slider-user`.headless.keytab** +* view.kerberos.principal.keytab = `/etc/security/keytabs/view-principal.headless.keytab` \ No newline at end of file
