Support Questions

Find answers, ask questions, and share your expertise
Celebrating as our community reaches 100,000 members! Thank you!

How to add a keytab for the new flume service that I created.

I have a hadoop Cloudera cluster with a HDFS service having the kerberos authentication enabled.

I'm creating a flume service owning an agent deployed on an instance of my cluster. I want this role (agent issued from the flume service on the instance), to be able to write on my HDFS service.


To do that, the flume agent needs to have its keytab that will give him the keys allowing him to authenticate to the HDFS cluster.


From the cloudera documentation I read that :

At the end of the integration process using the configuration wizard, Cloudera Manager Server will create host principals and deploy keytabs for all services configured on the cluster, which means that Cloudera Manager Server requires a principal that has privileges to create these other accounts.

from here 


But after instanciating my flume service I see no keytab in its user folder.

Is there something more that needs to be done to obtain the generation of this keytab ?


Master Guru

@bobreynolds The service keytabs by default is in /var/run/cloudera-scm-agent/process/xxx-flume-xxxx . Hope you are checking in the same dir. If it's not there then you probably have to generate missing credentials from CM > Administration > Security > Kerberos Credentials and then regenerate. 

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.