I recently enabled Kerberos on my CDH 5.1.2 test cluster using ther Cloudera Manager wizard.
After trying to access Oozie through load balancer IP I had set I realized I was having problems authenticating. I thought perhaps it was because I was using an IP instead of a DNS name so I updated DNS with an entry for the load balancer, and updated the Oozie configuration with the new DNS name. (Oozie Load Balancer setting in CM, under Service-Wide settings)
The problem I am having now is that Cloudera Manager managed kerberos has not picked up on the change, and is not creating the managed principal for HTTP/loadbalancerhostname.mylan.com@MYDOMAIN.COM. The keytab for oozie has also not updated itself (removed the HTTP/IP@MYDOMAIN.COM or added HTTP/loadbalancerhostname.mylan.com@MYDOMAIN.COM.).
I have tried regenerating principals through Cloudera Manager but it does not appear to be picking up the new entry for the load balancer.
(Administartion -> Kerberos -> Credentials -> Generate Credentials)
I am not sure what to do to get Cloudera Manager to realize it needs to add the new principal, and regenerate the keytab for oozie.
