Hey Michael Weiser, I've tested the patch. In general, this is a great work. We're getting the kerberos feature almost fixed.
There's a realm configuration missing in cluster.yaml that causing all the principal in hdfs-site.xml not having realm, hence namenode startup fail.
Here's a quick and dirty fix I added into cluster.yaml:
This will propagate realm setting to hadoop's init.pp. After adding this I can successfully provision a kerberos cluster.
Here's the kerberos setting I added in site.yaml FYR (copied from cluster.yaml):
However, for an official fix, we shall use the naming convention introduced in
BIGTOP-1634, that would be something like this:
and then updated $hadoop::kerberos_realm to $hadoop::common_hdfs::kerberos_realm in hadoop init.pp.
Are you planning to fix one component each time? We've solr, zookeeper, oozie, hue, and hbase, which are also need to be fixed as well. I'm ok to fix it one by one. But how about rename the title to specific to hadoop, so that we can do other components in separated JIRA.