Hari Sekhon created AMBARI-10493:
------------------------------------
Summary: Ambari 2.0 doesn't recognize Kerberos on existing cluster
Key: AMBARI-10493
URL: https://issues.apache.org/jira/browse/AMBARI-10493
Project: Ambari
Issue Type: Bug
Components: ambari-server, security
Affects Versions: 2.0.0
Environment: HDP 2.2
Reporter: Hari Sekhon
After upgrading to Ambari 2.0 (from 1.7) it wants to manage Kerberos but it
doesn't seem to have the capability to just use the existing keytabs as we have
historically done - it wants to redeploy them from an MIT KDC, which would
obviously mess up my already deployed cluster which is running on FreeIPA
(which includes an MIT KDC in each IPA server but isn't supported to be managed
via kadmin interface).
There doesn't seem to be an obvious way of getting Ambari to re-enable or
recognize that kerberos is deployed and the services are kerberized. The
current configurations do seem to still be intact with the kerberos config
settings but Ambari does not recognize that Kerberos is deployed and I'm
concerned this is going to eventually mess up my existing cluster or deploy new
services without Kerberos.
Hari Sekhon
http://www.linkedin.com/in/harisekhon
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
