Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

MIT principal and keytab management via Amabari 2.1.2

Solved Go to solution
Highlighted

MIT principal and keytab management via Amabari 2.1.2

Contributor

Can I use Ambari 2.1.2 (API or other) to manage principals and keytab deployments for non-ambari controlled services?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: MIT principal and keytab management via Amabari 2.1.2

No, this is not supported.

View solution in original post

3 REPLIES 3
Highlighted

Re: MIT principal and keytab management via Amabari 2.1.2

No, this is not supported.

View solution in original post

Highlighted

Re: MIT principal and keytab management via Amabari 2.1.2

Highlighted

Re: MIT principal and keytab management via Amabari 2.1.2

Ambari can only manage the principals and keytabs for the services managed by it. The pricipal and keytabs are actually provided as part of the configuration files with the stack definition.

For e.g. for Storm, looking at the stack , you can see -

....

          "name": "storm_components",
          "principal": {
            "value": "${storm-env/storm_user}-${cluster_name}@${realm}",
            "type": "user",
            "configuration": "storm-env/storm_principal_name"
          },
          "keytab": {
            "file": "${keytab_dir}/storm.headless.keytab",
            "owner": {
              "name": "${storm-env/storm_user}",
              "access": "r"
            },
....

Ambari does not support managing principals and keytabs of other components that are outside its purview.

Don't have an account?
Coming from Hortonworks? Activate your account here