Support Questions

Find answers, ask questions, and share your expertise

Is there a recommended architecture/methods to scale the MIT KDC for HA and multiple physical sites?

avatar
Contributor

I will be configuring a HDP cluster with a standalone KDC. I see info on how to setup multiple KDCs

for the HDP components. How should I set up the multiple KDCs? Can I create a master KDC with an

HA pair? Has anyone deployed something like this in the real world?

1 ACCEPTED SOLUTION

avatar
Expert Contributor

You can deploy Master Slave KDC. That will provide HA. I have done this before. You can setup replication between master and slave.

http://www.tldp.org/HOWTO/Kerberos-Infrastructure-HOWTO/server-replication.html

HTH

View solution in original post

2 REPLIES 2

avatar
Expert Contributor

You can deploy Master Slave KDC. That will provide HA. I have done this before. You can setup replication between master and slave.

http://www.tldp.org/HOWTO/Kerberos-Infrastructure-HOWTO/server-replication.html

HTH

avatar

Another source for master/slave configuration is https://web.mit.edu/kerberos/krb5-1.12/doc/admin/install_kdc.html