For helping manage this, Hadoop lets you specify principles of the format hdfs/_HOST@SOME-REALM. Here _HOST is a special string that Hadoop interprets and replaces it with the local hostname. You need to create principles per host though.
+Vinod On Feb 2, 2014, at 3:14 PM, Koert Kuipers <[email protected]> wrote: > is it necessary to create a kerberos principal for hdfs on every node, as in > hdfs/some-host@SOME-REALM? > why not use one principal hdfs@SOME-REALM? that way i could distribute the > same keytab file to all nodes which makes things a lot easier. > thanks! koert -- CONFIDENTIALITY NOTICE NOTICE: This message is intended for the use of the individual or entity to which it is addressed and may contain information that is confidential, privileged and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any printing, copying, dissemination, distribution, disclosure or forwarding of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and delete it from your system. Thank You.
signature.asc
Description: Message signed with OpenPGP using GPGMail
