Roberta Marton created TRAFODION-2055:
-----------------------------------------
Summary: Automate Kerberos ticket expiration and renewal for a
cluster
Key: TRAFODION-2055
URL: https://issues.apache.org/jira/browse/TRAFODION-2055
Project: Apache Trafodion
Issue Type: Sub-task
Components: sql-security
Reporter: Roberta Marton
Today, we support a separate Kerberos ticket on each node. When it expires,
the customer has to perform a manual task to renew it. We need an automated
way to perform this operation. There are some options:
Today, a ticket will be renewed until all renewals have been performed. If
there are no more renewals, the ticket expires. Trafodion will not work until
the ticket is reinited.
One option would be to reinit the ticket after all the renewals are used up.
Another option would be to periodically check for ticket expiration. When a
ticket is ready to expire, notify the system administrator. It is then up to
the administrator to renew the ticket(s).
We could provide a tool that would periodically recreate trafodion tickets.
This could be run by the administrator at time that would not affect running
jobs.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
