Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-15716

Kerberos: Allow multiple KDC hosts to be set while enabling Kerberos

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • 2.0.0
    • 2.4.0
    • ambari-server

    Description

      Because multiple KDCs may exist for an installation (failover, high availability, etc...), Ambari should allow a user to specify multiple KDC hosts to be set while enabling Kerberos and updating the Kerberos service's configuration.

      This should be done by allowing kerberos-env/kdc_host to accept a (comma-)delimited list of hosts and then parsing that list properly when building the krb5.conf file where each kdc_host item generates an entry in the relevant realm block. For example:

      kerberos-env
      {
  ...
 "kdc_hosts" : "kdc1.example.com, kdc2.example.com"
  ...
}
      krb5.conf
      [realms]
  EXAMPLE.COM = {
    ...
    kdc = kdc1.example.com
    kdc = kdc2.example.com
    ...
  }

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. AMBARI-13240 Kerberos: Allow multiple KDC hosts to be set while enabling Kerberos

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              rlevas Robert Levas
              rlevas Robert Levas
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: