Robert Levas created AMBARI-11752:
-------------------------------------
Summary: Kerberos: adjust ambari headless principals for unique
names
Key: AMBARI-11752
URL: https://issues.apache.org/jira/browse/AMBARI-11752
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.1.0
Reporter: Robert Levas
Assignee: Robert Levas
Priority: Critical
Fix For: 2.1.0
1) Rollup all headless principal names up to Ambari Principals tab. Currently
looks like Storm and Spark are on second tab, under their section, not under
Ambari tab with ambari-qa, hdfs, hbase, etc. Also make sure the UI has user
readable labels like the others for consistency (see the screen shot.
spark.history.kerberos.principal should be "Spark user principal" for example).
2) By default, all of these to be cluster-name scoped by default.
{code}-${cluster_name}{code} It does no harm for those that don't care... And
for those that care about headless principal names to be unique, this ends up
being done by default (and saves the user from having to remember to set it
this way).
Ultimately when users want to add variables to their principal names they will
be doing it across the board - whatever we can do to make it easier for users
to do so, would be better. If we had all principals in one pane they can
quickly add all of them and visually validate.
*Solution*
Update the details for all _user_ ({{identities/type = user}}) Kerberos
Identity entries in {{kerberos.json}} files to add the following to the
principal name
{code}
-${cluster_name}
{code}
For example:
{code}
${hadoop-env/hdfs_user}@${realm}
{code}
to
{code}
${hadoop-env/hdfs_user}-${cluster_name}@${realm}
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
