Connecting to a Kerberos-Enabled Hadoop Server
You can configure the TIBCO ActiveMatrix BusinessWorks™ Plug-in for Big Data to connect to a Kerberos-enabled Hadoop server using any of the three Kerberos methods: Keytab, Cached, or Password.
Prerequisites
- A keytab file that is used to identify the principal
- On Macintosh and Linux: krb5.conf file. This file contains the information about your KDC server configuration such as realm, and the connection properties.
- On Windows: krb5.ini file
Generate the above files on your KDC server and keep them handy. Refer to the documentation from your vendor for details on how to generate the files.
Select one of the following Kerberos methods in TIBCO Business Studio™ to connect to a Kerberos-enabled Hadoop server.
Using the Keytab Method
Follow these steps to use the Keytab method:
- In
Project Explorer, fully expand the application module, and double-click the HCatalog Connection shared resource under the
Resources folder to open the
HcatalogConnection Editor in the right pane.
- Select the Enable Kerberos checkbox.
- Select Keytab from the Kerberos Method drop-down menu.
- Enter the Kerberos Principal in its text box.
- Enter the path to the Keytab file on your system or navigate to it using the button.
- Test the connection using the Test Connection button.
- Repeat the same steps for the HDFS Connection shared resource under the Resources folder.
Using the Cached Method
Note: Make sure that you have the keytab file handy before following this procedure. You will need to cache the keytab file in your environment on the machine where the Big Data plug-in is installed.
Follow these steps to use the Cached method:
- Open a command prompt and run the following command:kinit -kt
<keytab-filename>
<principal-name>
This utility caches the keytab file in your environment.
- After the command completes, run klist to make sure that the keytab file has been properly cached. When successful, the klist command outputs the details of the principal associated with the keytab file.
- In
Project Explorer, fully expand the application module, and double-click the HCatalog Connection shared resource under the
Resources folder to open the
HcatalogConnection Editor in the right pane.
- Select the Enable Kerberos checkbox.
- Select Cached from the Kerberos Method drop-down menu.
- Enter the Kerberos Principal in its text box.
- Test the connection using the Test Connection button.
- Repeat the same steps for the HDFS Connection shared resource under the Resources folder.
Using the Password Method
The Password method does not require the keytab file. Follow these steps to use the Password method:
- In
Project Explorer, fully expand the application module, and double-click the HCatalog Connection shared resource under the
Resources folder to open the
HcatalogConnection Editor in the right pane.
- Select the Enable Kerberos checkbox.
- Select Password from the Kerberos Method drop-down menu.
- Enter the Kerberos Principal in its text box.
- Enter the password for the Kerberos principal in the Kerberos Password text box.
- Test the connection using the Test Connection button.
- Repeat the same steps for the HDFS Connection shared resource under the Resources folder.
Copyright © Cloud Software Group, Inc. All rights reserved.