
Configure Kerberos authentication
To configure Kerberos authentication, add the following lines to the relevant provider stanza in indexes.conf
:
vix.hadoop.security.authentication = kerberos vix.java.security.krb5.kdc = <kerberos server name> vix.java.security.krb5.realm = <kerberos default realm> vix.kerberos.principal = <kerberos principal name of the user you want Hunk to interact with Hadoop, for example: hunk@YOUR-REALM.COM> vix.kerberos.keytab = <kerberos keytab path, i.e., /path/hunk.keytab> vix.hadoop.security.authorization = <hadoop security authorization true/false> vix.dfs.namenode.kerberos.principal = <hadoop namenode kerberos principal name, i.e., hdfs/_HOST@YOUR-REALM.COM> vix.mapreduce.jobtracker.kerberos.principal = <the hadoop jobtracker kerberos principal name, i.e., mapred/_HOST@YOUR-REALM.COM> vix.hadoop.security.auth_to_local = <the mapping from Kerberos principals to short names (optional)> vix.mapred.job.reuse.jvm.num.tasks = 1
Note: Setting vix.mapred.job.reuse.jvm.num.tasks = 1
lets you avoid ENOENT task failures (detailed here: https://issues.apache.org/jira/browse/MAPREDUCE-4490).
If you are using YARN, you must also add the following property to the provider stanza:
vix.yarn.resourcemanager.principal = yarn/_HOST@YOUR-REALM.COM vix.yarn.nodemanager.principal = yarn/_HOST@YOUR-REALM.COM
# kerberos with Hive vix.hive.metastore.sasl.enabled = <true|false> vix.hive.metastore.kerberos.principal = <service principal for the metastore thrift server>
If you are preprocessing Hive via a metastore, vix.hive.metastore.sasl.enabled
must be set to "true".
PREVIOUS Set up virtual indexes for archived Hadoop files |
NEXT About streaming resource libraries |
This documentation applies to the following versions of Hunk®(Legacy): 6.0, 6.0.1, 6.0.2, 6.0.3, 6.1, 6.1.1, 6.1.2, 6.1.3, 6.2, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 6.2.10, 6.2.11, 6.2.12, 6.2.13, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12, 6.3.13, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6, 6.4.7, 6.4.8, 6.4.9, 6.4.10, 6.4.11
Feedback submitted, thanks!