Uploaded image for project: 'CDAP'
  1. CDAP
  2. CDAP-11445

Ambari service should use cluster-specific headless principal

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.2.0
    • Component/s: Ambari Service
    • Labels:
      None
    • Release Notes:
      Fixed an issue with the CDAP Ambari service definition where the "cdap" headless user was not unique to the cluster.
    • Rank:
      1|i0014f:

      Description

      If multiple clusters are using the same KDC, our headless user is only usable on the most recent cluster to generate keytabs. The fix is to use a unique principal per cluster.

      See https://issues.apache.org/jira/browse/AMBARI-19430 for more information. Unfortunately, those changes are only available in Ambari 2.5+ so we need to instead define this ourselves using the method used prior to that issue:

      ${cluster_name|toLower()}
      

        Attachments

          Activity

            People

            • Assignee:
              chris Chris Gianelloni
              Reporter:
              chris Chris Gianelloni
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: