Major Description
When configuring kerberos security for Oozie, the oozie.service.HadoopAccessorService.kerberos.principal property and oozie.authentication.kerberos.principal need to be configured. However, both of which don't support _HOST substitution, i.e. if it is configured as oozie/_HOST@EXAMPLE.COM, the _HOST shall be replaced with the FQDN of the host. This feature is supported by hdfs and yarn, so it would be great if oozie support it as well.
Below is from the oozie log:
======================
2014-02-17 08:28:53,199 FATAL Services:533 - USER[-] GROUP[-] E0100: Could not initialize service [org.apache.oozie.service.HadoopAccessorService], Login failure for oozie/_HOST@EXAMPLE.COM from keytab /etc/security/keytab/oozie.service.keytab
org.apache.oozie.service.ServiceException: E0100: Could not initialize service [org.apache.oozie.service.HadoopAccessorService], Login failure for oozie/_HOST@EXAMPLE.COM from keytab /etc/security/keytab/oozie.service.keytab
======================