Support Questions

kkane · ‎12-01-2015

Can I use Ambari 2.1.2 (API or other) to manage principals and keytab deployments for non-ambari controlled services?

andrewg · ‎12-01-2015

No, this is not supported.

View solution in original post

andrewg · ‎12-01-2015

No, this is not supported.

nsabharwal · ‎12-01-2015

@Paul Codding @jeff

bsaini · ‎12-03-2015

Ambari can only manage the principals and keytabs for the services managed by it. The pricipal and keytabs are actually provided as part of the configuration files with the stack definition.

For e.g. for Storm, looking at the stack , you can see -

....

          "name": "storm_components",
          "principal": {
            "value": "${storm-env/storm_user}-${cluster_name}@${realm}",
            "type": "user",
            "configuration": "storm-env/storm_principal_name"
          },
          "keytab": {
            "file": "${keytab_dir}/storm.headless.keytab",
            "owner": {
              "name": "${storm-env/storm_user}",
              "access": "r"
            },
....

Ambari does not support managing principals and keytabs of other components that are outside its purview.

Cloudera Community

Support Questions

MIT principal and keytab management via Amabari 2.1.2

Creating a local hadoop principal and keytab in a...

amabari server 2.1.2 setup - Error while creating ...

Where does Cloudera Manager store generated keytab...

Setup cross realm trust between two MIT KDC

User authentication from Windows Workstation to HD...

unable to join Amabari server to cluster

Ambari Alerts Phantom or False Alerts on Kerberize...

Issue Generating principals in Cloudera Manager - ...

How to merge oozie HA HTTP keberos principals with...

Secure Administration of MIT-KDC