THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
The blueprint below could be used to setup a cluster containing three host groups with KERBEROS security. Overriding default kerberos descriptor is not necessary however specifying a few Kerberos specific properties in kerberos-env and krb5-conf is a must to setup services to use Kerberos. Note: prior to Ambari 2.4.0 use "kdc_host" instead of "kdc_hosts".
Code Block |
---|
{ "configurations" : [ { "kerberos-env": { "properties_attributes" : { }, "properties" : { "realm" : "AMBARI.APACHE.ORG", "kdc_type" : "mit-kdc", "kdc_hosthosts" : "(kerberos_server_name)", "admin_server_host" : "(kerberos_server_name)" } } }, { "krb5-conf": { "properties_attributes" : { }, "properties" : { "domains" : "AMBARI.APACHE.ORG", "manage_krb5_conf" : "true" } } } ], "host_groups" : [ { "name" : "host_group_1", "configurations" : [ ], "components" : [ { "name" : "ZOOKEEPER_CLIENT" }, { "name" : "ZOOKEEPER_SERVER" }, { "name" : "NAMENODE" }, { "name" : "HDFS_CLIENT" }, { "name" : "DATANODE" } ], "cardinality" : "1" }, { "name" : "host_group_2", "configurations" : [ ], "components" : [ { "name" : "ZOOKEEPER_SERVER" }, { "name" : "KERBEROS_CLIENT" }, { "name" : "SECONDARY_NAMENODE" }, { "name" : "DATANODE" } ], "cardinality" : "1" }, { "name" : "host_group_3", "configurations" : [ ], "components" : [ { "name" : "ZOOKEEPER_CLIENT" }, { "name" : "ZOOKEEPER_SERVER" }, { "name" : "KERBEROS_CLIENT" }, { "name" : "HDFS_CLIENT" }, { "name" : "DATANODE" } ], "cardinality" : "1" } ], "Blueprints" : { "stack_name" : "HDP", "stack_version" : "2.3", "security" : { "type" : "KERBEROS" } } } |
...