Hi Team, We have an impala cluster which uses Kudu as a storage layer. Our setup has deployed on aws ec2 instances.
We *replaced* MIT KERBEROS with Active directory managed kdc(Here we used *AWS managed AD*) . We got the below error after the change we mentioned above. (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (*Server not found in Kerberos database*)) We have created principles like below impala/*hostname*@DOMAIN hostname=> OS level FQDN we sorted above issue after *replacing* "OS level FQDN " with *AWS managed instance name *as below impala/*awsinstancename*@DOMAIN Any alternatives to overcome this? Because we have a requirement to avoid re-creation of principles if new ec2 is added with the same hostname . ex:- Lets say we create another cluster on a separate vpc with the same hostname we can reuse principles if they bind with *os level fqdn* . (impala/ *hostname*@DOMAIN) But if principles bind with *aws managed instance name *we have to recreate the principles Kindly advise Regards Anushke
