1 为CM创建管理员主体/实例
[root@hadoop102 ~]# kadmin.local -q "addprinc cloudera-scm/admin" Authenticating as principal root/admin@HADOOP.COM with password. WARNING: no policy specified for cloudera-scm/admin @HADOOP.COM; defaulting to no policy Enter password for principal " cloudera-scm/admin @HADOOP.COM": (输入密码) Re-enter password for principal " cloudera-scm/admin @HADOOP.COM": (确认密码) Principal " cloudera-scm/admin @HADOOP.COM" created.
2 启用Kerberos
3 环境确认(勾选全部)
4 填写配置
Kerberos 加密类型:aes128-cts、des3-hmac-sha1、arcfour-hmac
5 继续
6 填写主体名和密码
7 等待导入KDC
8 准备重启集群
9 等待完成
10 查看主体
[root@hadoop102 ~]# kadmin.local -q "list_principals" Authenticating as principal cloudera-scm/admin@HADOOP.COM with password. HTTP/hadoop102@HADOOP.COM HTTP/hadoop103@HADOOP.COM HTTP/hadoop104@HADOOP.COM K/M@HADOOP.COM admin/admin@HADOOP.COM atguigu@HADOOP.COM cloudera-scm/admin@HADOOP.COM hdfs/hadoop102@HADOOP.COM hdfs/hadoop103@HADOOP.COM hdfs/hadoop104@HADOOP.COM hive/hadoop102@HADOOP.COM hue/hadoop102@HADOOP.COM kadmin/admin@HADOOP.COM kadmin/changepw@HADOOP.COM kadmin/hadoop102@HADOOP.COM krbtgt/HADOOP.COM@HADOOP.COM mapred/hadoop102@HADOOP.COM oozie/hadoop102@HADOOP.COM sentry/hadoop102@HADOOP.COM yarn/hadoop102@HADOOP.COM yarn/hadoop103@HADOOP.COM yarn/hadoop104@HADOOP.COM zookeeper/hadoop102@HADOOP.COM zookeeper/hadoop103@HADOOP.COM zookeeper/hadoop104@HADOOP.COM
大数据实战(八十四):电商数仓(六十八)安全之Kerberos安全认证(四)CDH启用Kerberos安全认证
原文:https://www.cnblogs.com/qiu-hua/p/13576592.html