Support Questions

Find answers, ask questions, and share your expertise

MIT principal and keytab management via Amabari 2.1.2

avatar
Rising Star

Can I use Ambari 2.1.2 (API or other) to manage principals and keytab deployments for non-ambari controlled services?

1 ACCEPTED SOLUTION

avatar

No, this is not supported.

View solution in original post

3 REPLIES 3

avatar

No, this is not supported.

avatar
Master Mentor

avatar

Ambari can only manage the principals and keytabs for the services managed by it. The pricipal and keytabs are actually provided as part of the configuration files with the stack definition.

For e.g. for Storm, looking at the stack , you can see -

....

          "name": "storm_components",
          "principal": {
            "value": "${storm-env/storm_user}-${cluster_name}@${realm}",
            "type": "user",
            "configuration": "storm-env/storm_principal_name"
          },
          "keytab": {
            "file": "${keytab_dir}/storm.headless.keytab",
            "owner": {
              "name": "${storm-env/storm_user}",
              "access": "r"
            },
....

Ambari does not support managing principals and keytabs of other components that are outside its purview.