Details
-
Bug
-
Status: Resolved
-
Blocker
-
Resolution: Won't Fix
-
2.4.0
Description
Allow multiple configurations for a Kerberos identity principal and keytab definition.
Currently we allow:
{
"name": "some_name",
"principal": {
"value": "foobar/_HOST@${realm}",
"type" : "service",
"configuration": "config1/property1",
"local_username" : "${hadoop-env/hdfs_user}"
},
"keytab": {
"file": "${keytab_dir}/foobar.service.keytab",
"owner": {
"name": "${config-env/foobar_user}",
"access": "r"
},
"group": {
"name": "${cluster-env/user_group}",
"access": ""
},
"configuration": "config1/property2"
}
},
but we should allow for
{
"name": "some_name",
"principal": {
"value": "foobar/_HOST@${realm}",
"type" : "service",
"configurations": ["config1/property1", "config2/propertyA"],
"local_username" : "${hadoop-env/hdfs_user}"
},
"keytab": {
"file": "${keytab_dir}/foobar.service.keytab",
"owner": {
"name": "${config-env/foobar_user}",
"access": "r"
},
"group": {
"name": "${cluster-env/user_group}",
"access": ""
},
"configurations":[ "config1/property2", "config2/propertyB"]
}
},