Community Articles
Find and share helpful community-sourced technical articles
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Contributor

This community article assumes that we already have CDH 6.x and Kerberos enabled, in case we have to install Kerberos, please use the document below:

 

https://docs.cloudera.com/documentation/enterprise/6/6.3/topics/cm_sg_intro_kerb.html

 

1. Install a database

In this case, we are using MySQL:

https://docs.cloudera.com/csp/2.0.1/deployment/topics/csp-installing_mysql.html

2. Configure the database for schema registry and SMM

https://docs.cloudera.com/csp/2.0.1/deployment/topics/csp-configuring-schema-registry-metadata-store...

3. Download Schema Registry and SMM parcels

4. Install the Parcels

Install the services in this order:

 

1. Schema Registry

2. SRM (if no SRM installation, avoid this step)

3. SMM

 

https://docs.cloudera.com/csp/2.0.1/deployment/topics/csp-get-parcel-csd.html

5. Distribute and activate the parcels.

  • In Schema registry point “Schema Registry storage connector url” to the mysql hostname. Check “Enable Kerberos Authentication”.
  • Use the database registry password for “Schema Registry storage connector password”

    5.1 For SMM use

    • cm.metrics.host = cloudera manager host
    • cm.metrics.password = cloudera manager UI password
    • cm.metrics.service.name = kafka (default)
    • Streams Messaging Manager storage connector url = jdbc:mysql://FQDN_MYHSQL:3306/streamsmsgmgr
    • Streams Messaging Manager storage connector password = user database password specified
    • Check “Enable Kerberos Authentication”

6. Add Kafka service

  • Check "Enable Kerberos Authentication"

7. Configure and access the SMM UI

  • Property "cm.metrics.service.name" must match with the Kafka service name, by default is "kafka"
  • Create streamsmsgmgr principal in the KDC, example when using MIT KDC
    • kadmin.local
    • add_principal streammsmmgr
  • Finally copy the /etc/krb5.conf to your local machine and get a valid kerberos ticket for streammsmmgr user by using "kinit streammsmmgr" and use the same password chosen for the user creation time.

 

167 Views
Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
10 of 10
Last update:
‎03-02-2020 07:48 PM
Updated by:
 
Top Kudoed Authors