Create a Kerberos Principal and a keytab File for Sqoop2

Follow these steps to create Kerberos principals and keytab files for Sqoop2. When you perform the configuration steps:
  • Replace <FQDN> with the FQDN of the server. To determine this value, run hostname -f in the command line.
  • Replace <REALM> with the realm name in krb5.conf file which is generated when you install the KDC server on the cluster.
Note: Skip this task if you are not using Sqoop2.
  1. Using the kadmin program, run the following commands to create principals for Sqoop 2:
    addprinc -randkey HTTP/<FQDN>@<REALM>
    addprinc -randkey mapr/<FQDN>@<REALM>
    Kerberos uses the principal HTTP/<FQDN>@<REALM> for communication between Sqoop2 client and Sqoop2 server. The principal mapr/<FQDN>@<REALM> is the Sqoop2 user that communicates between Sqoop2 server and MapR-FS.
  2. Using the kadmin program, run the following commands to create keytabs for the principals:
    xst -k /opt/mapr/conf/mapr.keytab HTTP/<FQDN>@<REALM> 
    xst -k /opt/mapr/conf/mapr.keytab mapr/<FQDN>@<REALM>