Hello, While implementing a secure HDFS setup with federation, I was reviewing the NameNode properties which are allowed to be set on a per nameservice basis. Omitted from those properties were the dfs.web.authentication.kerberos.principal and dfs.web.authentication.kerberos.keytab properties.
Is there a technical reason that these are to be common across all NameNodes or is it just that this hasn't been a requested feature yet? In our case we're using federation to achieve isolation, so I feel it would make sense to want to separate the kerberos credentials on a per NameNode basis for the HTTP server as well. Kind Regards, Grant