6.3. Enabling Kerberos Security

To turn on Kerberos-based security you must:

  1. Have already set up Kerberos for your cluster. For more information on setting up Kerberos, see Setting Up Kerberos for Use with Ambari

  2. Click Enable Security and follow the Enable Security Wizard.

    1. Get Started: This step just reminds you that you need to set up Kerberos before you start.

    2. Configure Services: This step asks you for your Kerberos information: principals and paths to keytabs, path to your Kerberos tools, realm names and so on. For more information about a specific field, hover over it, and a popup with a definition appears.

    3. Create Principals and Keytabs: Use this step to check that all your information is correct. Click Back to make any changes. Click Apply when you are satisfied with the assignments.

      [Note]Note

      If you have a large cluster, you may want to go to the Create Principals and Keytabs step first. Step through the wizard accepting the defaults to get to the appropriage page. On the page, use the Download CSV button to get a list of all the necessary principals and keytabs in CSV form, which can be used to set up a script. The list includes hostname, principal description, principal name, keytab user, keytab group, keytab permissions, absolute keytab path, and keytab filename.

    4. Save and Apply Configuration: This step displays a bar showing the progress of integrating the Kerberos information into your Ambari Server.


loading table of contents...