I have HDF in AWS and ELB behind of two schema registries. ELB has static hostname via Rout53. During the installation process when Kerberos enabled Kerberos SPN will automatically generated to registry.yaml file using pattern HTTP/hostname@REALM:
lines from /var/lib/ambari-server/resources/mpacks/hdf-ambari-mpack-18.104.22.168-10/common-services/REGISTRY/0.3.0/package/scripts/params.py
One solution is to set up one common kerberos SPN in to both registries HTTP/registry.example.com@EXAMPLE.COM. I tried it out and it worked, but it is manual work and after restarting registry service via ambari it will regenerate registry.yaml file and old SPN are back.
So I do not have any possibility to interact here?