ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Levas (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMBARI-13240) Kerberos: Allow multiple KDC hosts to be set while enabling Kerberos
Date Fri, 25 Sep 2015 10:32:04 GMT
Robert Levas created AMBARI-13240:
-------------------------------------

             Summary: Kerberos: Allow multiple KDC hosts to be set while enabling Kerberos
                 Key: AMBARI-13240
                 URL: https://issues.apache.org/jira/browse/AMBARI-13240
             Project: Ambari
          Issue Type: Bug
          Components: ambari-agent, ambari-server, ambari-web
    Affects Versions: 2.0.0
            Reporter: Robert Levas
            Assignee: Robert Levas
            Priority: Minor
             Fix For: 2.2.0


Because multiple KDCs may exist for an installation (failover, high availability, etc...),
Ambari should allow a user to specify multiple KDC hosts to be set while enabling Kerberos
and updating the Kerberos service's configuration.

This should be done by allowing {{kerberos-env/kdc_host}} to accept a (comma-)delimited list
of hosts and then parsing that list properly when building the krb5.conf file where each {{kdc_host}}
item generates an entry in the relevant realm block.  For example:

{noformat:title=kerberos-env}
{
  ...
 "kdc_hosts" : "kdc1.example.com, kdc2.example.com"
  ...
}
{noformat}

{noformat:title=krb5.conf}
[realms]
  EXAMPLE.COM = {
    ...
    kdc = kdc1.example.com
    kdc = kdc2.example.com
    ...
  }
{noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message