Many times I get questions about a safe and fast way to secure a cluster without big steps like integrate AD structures, simply to prevent unauthorized access. I created this writeup to let you know the steps you need. I used CentOS 6.3 and CDH 4.0.1, but you can use other distributions as well. Setup KDC on a Linux Box Install kerberos5 related packages as well as kadmin, too. First thing you have to do is to replace EXAMPLE.COM, which is delivered per default, with your own realm. I used ALO.ALT here. Example config: # hadoop1> cat /etc/krb5.conf [libdefaults] default_realm = ALO.ALT dns_lookup_realm = false dns_lookup_kdc = false [realms] ALO.ALT = { kdc = HADOOP1.ALO.ALT:88 admin_server = HADOOP1.ALO.ALT:749 default_domain = HADOOP1.ALO.ALT } [domain_realm] .alo.alt = ALO.ALT alo.alt = ALO.ALT [logging] kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmin.log default = FILE:/var/log/krb5lib.log Now tweak your DNS o
Hey, I'm Alex. I founded X-Warp, Infinimesh, Infinite Devices, Scalytics and worked with Cloudera, E.On, Google, Evariant, and had the incredible luck to build products with outstanding people in my life, across the globe.