Applies to:Kyvos Enterprise Kyvos Azure Marketplace
Kyvos AWS Marketplace Kyvos Free (
Use this page to specify Hadoop/EMR security for the Kyvos cluster.
Info
- The fields displayed in the following figure are displayed ONLY if you select the KERBEROS option.
- From Kyvos 2023.3 onwards, you can see the last performed Hadoop Authentication operation details, including progress status and start time, by clicking the i icon located next to the Revert button. To view more comprehensive details, simply click the View Details link, which will take you to the Operations page where you can view the operation information in detail.
To specify Hadoop/EMR authentication, perform the following steps.
- On the navigation pane, click Security > Hadoop Authentication.
The Hadoop Authentication page is displayed. - From the Hadoop Security Type list, select the option as configured on the Hadoop cluster. If no security is configured on Hadoop, select SIMPLE.
- If you select the KERBEROS option, then:
Select the check boxes for Key Distribution Center (KDC) configurations:
Yes, I've checked that the KDC allows renewable tickets.
Info
For correct working of Kyvos, ensure that the KDC is configured with non-zero and renewable ticket lifetime.
Yes, I've setup the environment.
Info
Set up an environment that ensures KDC ticket is not expired on the Kyvos nodes.
- Enter Keytab User Name for Kerberos.
- Keytab available on all hosts: Select this check box if the keytab file is available on all host nodes. A keytab is a file containing pairs of Kerberos principals and encrypted keys (which are derived from the Kerberos password). You can use a keytab file to authenticate to various remote systems using Kerberos without entering a password.
Enter the name of the Keytab File.
Info
If the keytab file is not available on host nodes, use the Change button to upload the keytab file to connect to Hadoop.
- Click the Validate to confirm if the file exists on the hosts.
- From the Kyvos Preferences list, select any one of the following:
- Keytab Principal User
- Kyvos Logged in User
You can specify Kyvos User preferences for Hadoop access as either Keytab Principal User with administrative rights or Kyvos Logged in User with specific access rights to perform activities as per the user's privileges. This user is used for all activities requiring Hadoop access by Kyvos, such as transformation preview and semantic model process.
- Click Save.
- Enter your Kyvos Manager Password.