Skip to main content
Skip table of contents

Engine KERBEROS Authentication

When deploying Indexima in a YARN context, you can use Kerberos to authenticate your Hadoop services.

Configuration

Modify your conf/galactica.conf file by adding the following lines:

galactica.conf

BASH 
yarn.kerberos = true

Then specify the principal and keytable in the hive-sive.xml file, like you would for the Hive server.

hive-sive.xml

XML 
<property>
  <name>hive.server2.authentication</name>
  <value>KERBEROS</value>
</property>
<property>
  <name>hive.server2.authentication.kerberos.principal</name>
  <value>robert/_HOST@INDEXIMA.COM</value>
</property>
<property>
  <name>hive.server2.authentication.kerberos.keytab</name>
  <value>/etc/security/keytabs/robert.service.keytab</value>
</property>

Before (re)starting Indexima

Before starting Indexima, don't forget to do a kinit on every node.

Following the example above, the command would be

BASH 
kinit -kt /etc/security/keytabs/robert.service.keytab hive/$(hostname -f)@INDEXIMA.COM

Then, start Indexima.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close