Because HBase traffic is secured with Kerberos, you must configure Flume to use Kerberos in order to write sinks to secure HBase using Flume's HBaseSink. Once Kerberos is enabled, the
maprlogin ticket generation is performed implicitly. After installing Flume, follow these steps to configure Flume to use Kerberos authentication.
- Verify that a keytab file called
flume.keytabalready exists and contains a principal that matches the Kerberos identity of the user that will be running
- Verify that your
flume.conffile contains the following properties:
agents.sink.hbaseSink.kerberosPrincipal = user/FQDN@REALM.COM. Set this property to the Kerberos identity of the user running
agents.sink.hbaseSink.kerberosKeytab = path_to_keytab. Set this property to the path to the valid keytab file for the user running