[jira] [Commented] (AMBARI-7799) Add Knox kerberos setup to the existing Ambari security capabilities

[Hadoop QA (JIRA)]

    [ 
https://issues.apache.org/jira/browse/AMBARI-7799?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14180987#comment-14180987
 ] 

Hadoop QA commented on AMBARI-7799:
-----------------------------------

{color:green}+1 overall{color}.  Here are the results of testing the latest 
attachment 
  
http://issues.apache.org/jira/secure/attachment/12676517/AMBARI-7799_branch-1.7.0.patch.2
  against trunk revision .

    {color:green}+1 @author{color}.  The patch does not contain any @author 
tags.

    {color:green}+1 tests included{color}.  The patch appears to include 4 new 
or modified test files.

    {color:green}+1 javac{color}.  The applied patch does not increase the 
total number of javac compiler warnings.

    {color:green}+1 release audit{color}.  The applied patch does not increase 
the total number of release audit warnings.

    {color:green}+1 core tests{color}.  The patch passed unit tests in 
ambari-server.

Test results: 
https://builds.apache.org/job/Ambari-trunk-test-patch/311//testReport/
Console output: 
https://builds.apache.org/job/Ambari-trunk-test-patch/311//console

This message is automatically generated.

> Add Knox kerberos setup to the existing Ambari security capabilities
> --------------------------------------------------------------------
>
>                 Key: AMBARI-7799
>                 URL: https://issues.apache.org/jira/browse/AMBARI-7799
>             Project: Ambari
>          Issue Type: Task
>          Components: stacks
>    Affects Versions: 1.7.0
>            Reporter: Sumit Gupta
>            Assignee: Jaimin D Jetly
>             Fix For: 1.7.0
>
>         Attachments: AMBARI-7799.patch.2, AMBARI-7799_branch-1.7.0.patch.2
>
>
> Documentation for setting up Knox to use kerberos can be found here:
> http://knox.apache.org/books/knox-0-5-0/knox-0-5-0.html#Secure+Clusters
> To summarize some of the things that need to be done besides the keytab 
> creation:
> 1. the krb5 conf files need to be created and templated to work with the 
> cluster setup.
> 2. gateway-site.xml needs to be modified to enable security and point to the 
> krb5 conf files
> 3. Other services that Knox is configured to work with may also need some 
> configuration changes. Specifically, core-site.xml, webhcat-site.xml and 
> oozie-site.xml all need to be modified to setup Knox as a trusted proxy



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)