Great ! Thanks Rob! I will try it out today and reach out if I hit issues.
Thank you for your help.
Di
On Wed, Apr 4, 2018 at 4:15 PM, Robert Levas wrote:
> If you would like the HDFS keytab file installed on the same host as your
> component, you can add a reference
If you would like the HDFS keytab file installed on the same host as your
component, you can add a reference to that Kerberos identity in your
Kerberos.json file. Ideally this reference would be added to the "identities"
section for the specific component. The declaration would look something
Hi Rob,
Thanks for the explanation. I don't have issues with DN per se. My case
falls into the "*since then some services need to create directories and
change permissions on them as the HDFS root user upon installation * category
that you mentioned. I paired my service with DN assuming
The DN does not need to authenticate as the "root" HDFS user to perform
administrative tasks.
A while back, we started an initiative to reduce the exposure of the HDFS
"root" user due to security concerns. In doing so, we tightened up where we
distribute the HDFS keytab file. However since