openstack/sahara
Code Issues Proposed changes

write docs about enabling kerberos

Browse Source 
Change-Id: Ifc5a0edb4a2201708fecd085f4f9863c01d4cff5
This commit is contained in:
Vitaly Gridnev 2016-09-12 13:17:46 +03:00
parent 2371ba4a85
commit d69394689f
2 changed files with 60 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
doc/source/userdoc/ambari_plugin.rst
View File

@ -65,3 +65,33 @@ validation checks to ensure a successful Hadoop deployment:
* Ensure the existence of Ambari Server process in the cluster;
* Ensure the existence of a NameNode, Zookeeper, ResourceManagers processes
HistoryServer and App TimeLine Server in the cluster
Enabling Kerberos security for cluster
--------------------------------------
If you want to protect your clusters using MIT Kerberos security you have to
complete a few steps below.
* If you would like to create a cluster protected by Kerberos security you
just need to enable Kerberos by checkbox in the ``General Parameters``
section of the cluster configuration. If you prefer to use the OpenStack CLI
for cluster creation, you have to put the data below in the
``cluster_configs`` section:
.. sourcecode:: console
"cluster_configs": {
"Enable Kerberos Security": true,
}
Sahara in this case will correctly prepare KDC server and will create
principals along with keytabs to enable authentication for Hadoop services.
* Ensure that you have the latest hadoop-openstack jar file distributed
on your cluster nodes. You can download one at
``http://tarballs.openstack.org/sahara/dist/``
* Sahara will create principals along with keytabs for system users
like ``oozie``, ``hdfs`` and ``spark`` so that you will not have to
perform additional auth operations to execute your jobs on top of the
cluster.

30
doc/source/userdoc/cdh_plugin.rst
View File

@ -129,3 +129,33 @@ In case of version 5.5.0 or 5.7.x of Cloudera Plugin additional services in
the cluster topology are available:
+ Cluster can have the kafka service and several kafka brokers.
Enabling Kerberos security for cluster
--------------------------------------
If you want to protect your clusters using MIT Kerberos security you have to
complete a few steps below.
* If you would like to create a cluster protected by Kerberos security you
just need to enable Kerberos by checkbox in the ``General Parameters``
section of the cluster configuration. If you prefer to use the OpenStack CLI
for cluster creation, you have to put the data below in the
``cluster_configs`` section:
.. sourcecode:: console
"cluster_configs": {
"Enable Kerberos Security": true,
}
Sahara in this case will correctly prepare KDC server and will create
principals along with keytabs to enable authentication for Hadoop services.
* Ensure that you have the latest hadoop-openstack jar file distributed
on your cluster nodes. You can download one at
``http://tarballs.openstack.org/sahara/dist/``
* Sahara will create principals along with keytabs for system users
like ``hdfs`` and ``spark`` so that you will not have to
perform additional auth operations to execute your jobs on top of the
cluster.