Cloudera Community

Community Articles

Find and share helpful community-sourced technical articles.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

How to configure SMM with CDH 6.x using Kerberos enabled

avatar
author-rank ManuelCalvo author-rank
Expert Contributor

Created on ‎03-02-2020 12:27 PM - edited on ‎03-02-2020 07:48 PM by Moderator

This community article assumes that we already have CDH 6.x and Kerberos enabled, in case we have to install Kerberos, please use the document below:

 

https://docs.cloudera.com/documentation/enterprise/6/6.3/topics/cm_sg_intro_kerb.html

 

1. Install a database

In this case, we are using MySQL:

https://docs.cloudera.com/csp/2.0.1/deployment/topics/csp-installing_mysql.html

2. Configure the database for schema registry and SMM

https://docs.cloudera.com/csp/2.0.1/deployment/topics/csp-configuring-schema-registry-metadata-store...

3. Download Schema Registry and SMM parcels

4. Install the Parcels

Install the services in this order:

 

1. Schema Registry

2. SRM (if no SRM installation, avoid this step)

3. SMM

 

https://docs.cloudera.com/csp/2.0.1/deployment/topics/csp-get-parcel-csd.html

5. Distribute and activate the parcels.

  • In Schema registry point “Schema Registry storage connector url” to the mysql hostname. Check “Enable Kerberos Authentication”.
  • Use the database registry password for “Schema Registry storage connector password”

    5.1 For SMM use

    • cm.metrics.host = cloudera manager host
    • cm.metrics.password = cloudera manager UI password
    • cm.metrics.service.name = kafka (default)
    • Streams Messaging Manager storage connector url = jdbc:mysql://FQDN_MYHSQL:3306/streamsmsgmgr
    • Streams Messaging Manager storage connector password = user database password specified
    • Check “Enable Kerberos Authentication”

6. Add Kafka service

  • Check "Enable Kerberos Authentication"

7. Configure and access the SMM UI

  • Property "cm.metrics.service.name" must match with the Kafka service name, by default is "kafka"
  • Create streamsmsgmgr principal in the KDC, example when using MIT KDC
    • kadmin.local
    • add_principal streammsmmgr
  • Finally copy the /etc/krb5.conf to your local machine and get a valid kerberos ticket for streammsmmgr user by using "kinit streammsmmgr" and use the same password chosen for the user creation time.

 

1,014 Views
Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics 1.14 for Cloudera Pu...
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
View More Announcements
Version history
Last update:
‎03-02-2020 07:48 PM
Updated by:
Moderator