[
https://issues.apache.org/jira/browse/AMBARI-13240?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robert Levas updated AMBARI-13240:
----------------------------------
Attachment: AMBARI-13240_trunk_01.patch
> Kerberos: Allow multiple KDC hosts to be set while enabling Kerberos
> --------------------------------------------------------------------
>
> Key: AMBARI-13240
> URL: https://issues.apache.org/jira/browse/AMBARI-13240
> Project: Ambari
> Issue Type: Bug
> Components: ambari-agent, ambari-server, ambari-web
> Affects Versions: 2.0.0
> Reporter: Robert Levas
> Assignee: Robert Levas
> Priority: Minor
> Labels: kerberos
> Fix For: 2.3.0
>
> Attachments: AMBARI-13240_trunk_01.patch
>
>
> Because multiple KDCs may exist for an installation (failover, high
> availability, etc...), Ambari should allow a user to specify multiple KDC
> hosts to be set while enabling Kerberos and updating the Kerberos service's
> configuration.
> This should be done by allowing {{kerberos-env/kdc_host}} to accept a
> (comma-)delimited list of hosts and then parsing that list properly when
> building the krb5.conf file where each {{kdc_host}} item generates an entry
> in the relevant realm block. For example:
> {noformat:title=kerberos-env}
> {
> ...
> "kdc_hosts" : "kdc1.example.com, kdc2.example.com"
> ...
> }
> {noformat}
> {noformat:title=krb5.conf}
> [realms]
> EXAMPLE.COM = {
> ...
> kdc = kdc1.example.com
> kdc = kdc2.example.com
> ...
> }
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
