Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id EA803200D61 for ; Tue, 19 Dec 2017 16:28:16 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id E8BD5160C1B; Tue, 19 Dec 2017 15:28:16 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 1324F160C18 for ; Tue, 19 Dec 2017 16:28:15 +0100 (CET) Received: (qmail 34382 invoked by uid 500); 19 Dec 2017 15:28:13 -0000 Mailing-List: contact user-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list user@hadoop.apache.org Received: (qmail 34307 invoked by uid 99); 19 Dec 2017 15:28:13 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 19 Dec 2017 15:28:13 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id EBA051A0E4A for ; Tue, 19 Dec 2017 15:28:12 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 2.389 X-Spam-Level: ** X-Spam-Status: No, score=2.389 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=2, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01] autolearn=disabled Authentication-Results: spamd2-us-west.apache.org (amavisd-new); dkim=pass (1024-bit key) header.d=snaplogic.com Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id DXkvQFxEaDDg for ; Tue, 19 Dec 2017 15:28:10 +0000 (UTC) Received: from mail-wm0-f43.google.com (mail-wm0-f43.google.com [74.125.82.43]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id 648585F36F for ; Tue, 19 Dec 2017 15:28:10 +0000 (UTC) Received: by mail-wm0-f43.google.com with SMTP id t8so4421017wmc.3 for ; Tue, 19 Dec 2017 07:28:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=snaplogic.com; s=google; h=mime-version:from:date:message-id:subject:to; bh=XLSkIMbLoI+wo4HyXGAqhfzGwnxOStMT4196dMDLKu0=; b=Ed+IeWCNt+u6Z4+xbAXMHa0PDgS9pTI7r1iiGK6M5Z0JBfcE1YHr1/TVho7jMt0F83 KzYa7h9ivo2WCsz0xybnDq6RuvyOUM9bb8JI4sFmF6BW37q8xxlwq9bLujMJB4IZpfTB 64hwsqP9//G1yFaEHfxoLBaC9RKMoVNZOHQiU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=XLSkIMbLoI+wo4HyXGAqhfzGwnxOStMT4196dMDLKu0=; b=G35/xhyeAHoErrb99u+Q6fMX5n5xvY271BiuiJFOhw2aCjr0VZnwmkNR++X8nBDY3q RUsuwm9Lf3o2YBiYGmLjF1w8P4MHQbKcyy4sMDbtnVr0+w7yD9XWpiogcOXIXncQ4Q7J rCzSSqFacswhsMFXr1M0vZHlGktsPA9weqlh8h6B5VoFwtrC1R3VMpZGU7Lr1x+WbBwr V7RGDYt4o1pVswpUcGJy69CehoRNFglbktN2nFX9j7MRnm6272+V1gtISrpoOqNdIC6Y /oabjT6ryEJKpIuwxAoHzbMNw0NR1DR8VTzFGxoOvwM5itJopyvzKhHjjb9uK2AxwxQ6 7UbA== X-Gm-Message-State: AKGB3mKjb9vCj3xYLZIG22eUmLnuXg0XCfCu0K8T7ucZemZw/BfwHjha xExoqeFeeK/gbLvQwpcVnhCVM9/BB+XrSI/I8wr9fw== X-Google-Smtp-Source: ACJfBot5BPHQz9kP6r5F0pBJr6siF8EP5tC+njfS9jvPFG6PkiDOfI3AJ3slDt4Pc992NWWNIgHkBC++Wy2+TCVcMVM= X-Received: by 10.28.172.202 with SMTP id v193mr4379317wme.10.1513697289099; Tue, 19 Dec 2017 07:28:09 -0800 (PST) MIME-Version: 1.0 Received: by 10.28.125.72 with HTTP; Tue, 19 Dec 2017 07:28:08 -0800 (PST) From: Bear Giles Date: Tue, 19 Dec 2017 08:28:08 -0700 Message-ID: Subject: embedded HDFS cluster + Kerberos question To: user@hadoop.apache.org Content-Type: multipart/alternative; boundary="001a1141f2243704570560b31df3" archived-at: Tue, 19 Dec 2017 15:28:17 -0000 --001a1141f2243704570560b31df3 Content-Type: text/plain; charset="UTF-8" Stupid question but der google insists on telling me how to set up Kerberos on CDH and HDP clusters using GUIs instead of how to do it at a very low level. I have an embedded KDC and DFS servers running in my unit tests. I know how to create the DFS Kerberos principals in the KDC and configure the DFS so it knows the principals to use and a modified 'kinit command' so that it refers to the krb5.conf file for the embedded KDC. However I can't figure out where to put the keytab file so the embedded DFS server (and potentially other embedded servers) knows where to find it. I've gone as far as doing 'sudo / find -name "*.keytab"' on some of my actual clusters to see where the file is located, with no luck. Where do the server keytab files go? -- Bear Giles Sr. Java Application Engineer bgiles@snaplogic.com Mobile: 720-749-7876 *SnapLogic Inc | 929 Pearl St #200 | 80303 CO 80302 | USA* *SnapLogic Inc | 2 W 5th Avenue 4th Floor | San Mateo CA 94402 | USA * This message is confidential. It may also be privileged or otherwise protected by work product immunity or other legal rules. If you have received it by mistake, please let us know by e-mail reply and delete it from your system; you may not copy this message or disclose its contents to anyone. The integrity and security of this message cannot be guaranteed on the Internet. --001a1141f2243704570560b31df3 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Stupid question but der google insists on telling me how t= o set up Kerberos on CDH and HDP clusters using GUIs instead of how to do i= t at a very low level.

I have an embedded KDC and DFS se= rvers running in my unit tests. I know how to create the DFS Kerberos princ= ipals in the KDC and configure the DFS so it knows the principals to use an= d a modified 'kinit command' so that it refers to the krb5.conf fil= e for the embedded KDC.

However I can't figure= out where to put the keytab file so the embedded DFS server (and potential= ly other embedded servers) knows where to find it.

I've gone as far as doing 'sudo / find -name "*.keytab"&= #39; on some of my actual clusters to see where the file is located, with n= o luck.

Where do the server keytab fil= es go?

--
--001a1141f2243704570560b31df3--

<= span style=3D"font-family:verdana,sans-serif">Bear Giles

Sr.=C2=A0Java=C2=A0Application=C2=A0Engineer
bgiles@snaplogic.com
Mobile:=C2=A07= 20-749-7876


=C2=A0


<= /td>

SnapLogic Inc | 929 Pearl= St #200 | 80303 CO 80302 | USA

SnapLogic Inc | 2 W 5th Avenue 4th Floor | Sa= n Mateo CA 94402 | USA =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=

This message is confidential. It may also be privileged or otherwise=20 protected by work product immunity or other legal rules. If you have=20 received it by mistake, please let us know by e-mail reply and delete it from your system; you may not copy this message or disclose its=20 contents to anyone. The integrity and security of this message cannot be guaranteed on the Internet.