I have been looking through the hbase-thrift code looking for where
the server performs renewals of kerberos tickets for the provided
principal/keytab. There seems to be no logic in place for renewing tickets.
The hadoop-common provides the class
UserGroupInformation, which exposes the method
checkTGTAndReloginFromKeytab. I can see that the ThriftServerRunner class
has a handle to the class
but I do not see the ticket renewal logic being called anywhere.
A possible workaround is to renew the ticket outside the java process.
The documentation on the checkTGTAndReloginFromKeytab states that if the ticket is still valid, a call to the method is essentially a no-op.