Cloudera Community

Community Articles

Find and share helpful community-sourced technical articles.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

How to configure SMM with CDH 6.x using Kerberos enabled

avatar
author-rank ManuelCalvo author-rank
Expert Contributor

Created on ‎03-02-2020 12:27 PM - edited on ‎03-02-2020 07:48 PM by Moderator

This community article assumes that we already have CDH 6.x and Kerberos enabled, in case we have to install Kerberos, please use the document below:

 

https://docs.cloudera.com/documentation/enterprise/6/6.3/topics/cm_sg_intro_kerb.html

 

1. Install a database

In this case, we are using MySQL:

https://docs.cloudera.com/csp/2.0.1/deployment/topics/csp-installing_mysql.html

2. Configure the database for schema registry and SMM

https://docs.cloudera.com/csp/2.0.1/deployment/topics/csp-configuring-schema-registry-metadata-store...

3. Download Schema Registry and SMM parcels

4. Install the Parcels

Install the services in this order:

 

1. Schema Registry

2. SRM (if no SRM installation, avoid this step)

3. SMM

 

https://docs.cloudera.com/csp/2.0.1/deployment/topics/csp-get-parcel-csd.html

5. Distribute and activate the parcels.

  • In Schema registry point “Schema Registry storage connector url” to the mysql hostname. Check “Enable Kerberos Authentication”.
  • Use the database registry password for “Schema Registry storage connector password”

    5.1 For SMM use

    • cm.metrics.host = cloudera manager host
    • cm.metrics.password = cloudera manager UI password
    • cm.metrics.service.name = kafka (default)
    • Streams Messaging Manager storage connector url = jdbc:mysql://FQDN_MYHSQL:3306/streamsmsgmgr
    • Streams Messaging Manager storage connector password = user database password specified
    • Check “Enable Kerberos Authentication”

6. Add Kafka service

  • Check "Enable Kerberos Authentication"

7. Configure and access the SMM UI

  • Property "cm.metrics.service.name" must match with the Kafka service name, by default is "kafka"
  • Create streamsmsgmgr principal in the KDC, example when using MIT KDC
    • kadmin.local
    • add_principal streammsmmgr
  • Finally copy the /etc/krb5.conf to your local machine and get a valid kerberos ticket for streammsmmgr user by using "kinit streammsmmgr" and use the same password chosen for the user creation time.

 

879 Views
webinar banner
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements
Version history
Last update:
‎03-02-2020 07:48 PM
Updated by:
Moderator
meetups banner