Reply
Highlighted
New Contributor
Posts: 1
Registered: ‎09-18-2017

Connecting to kerberized quickstart.cloudera vm (HDFS)

I hava a Java client that I run on my host (on which the quickstart.cloudera guest vm is running) to write data to hdfs of the quickstart vm.

 

I enabled kerberos security on the quick start vm. All good.

 

Tested that my client is not enabled to get write data any more

 

Exported hdfs to keytab

 

Try to kinit as hdfs (kinit -kt hdfs.keytab hdfs/quickstart.cloudera@CLOUDERA)  from my host and get 

"kinit: Cannot contact any KDC for realm 'CLOUDERA' while getting initial credentials"

 

Please note ..the same kinit command as above works fine on the cloudera.quickstart vm.

 

So the question is can I really kinit hdfs/quickstart.cloudera from another host or does it work on on the quickstart.cloudera VM? If answer is yes ..do I need to create new service prinicpal that is not specific to the host?

 

Let me also know if this is nonsense :)

 

Thanks in advance,

Ashish

 

 

 

 

Cloudera Employee
Posts: 36
Registered: ‎12-14-2016

Re: Connecting to kerberized quickstart.cloudera vm (HDFS)

Hi Ashish,

 

Is the Java client in the VM or just on the same host? If the same krb5.conf file as that in the VM exists and connection the the KDC server resolves properly, you should be able to kinit from another host.

Announcements