Hadoop Authentication
Applies to: Kyvos Enterprise Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace
Kyvos Azure Marketplace  Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)
Use this page to specify Hadoop/EMR security for the Kyvos cluster.
Note
The fields displayed in the following figure are displayed ONLY if you select the KERBEROS option.Â
From Kyvos 2023.3 onwards, you can see the last performed Hadoop Authentication operation details, including progress status and start time, by clicking the i icon located next to the Revert button.  To view more comprehensive details, simply click the View Details link, which will take you to the Operations  page where you can view the operation information in detail.Â
To specify Hadoop/EMR authentication, perform the following steps.Â
On the  navigation pane, click Security  > Hadoop Authentication. Â
The Hadoop Authentication page is displayed.ÂFrom the Hadoop Security Type list, select the option as configured on the Hadoop cluster. If no security is configured on Hadoop, select SIMPLE.
If you select the KERBEROS option, then:
Select the check boxes for Key Distribution Center (KDC) configurations:
Yes, I've checked that the KDC allows renewable tickets.
NOTE: For correct working of Kyvos, ensure that the KDC is configured with non-zero and renewable ticket lifetime.Yes, I've setup the environment.
NOTE: Set up an environment that ensures KDC ticket is not expired on the Kyvos nodes.
Enter Keytab User Name for Kerberos.
Keytab available on all hosts: Select this check box if the keytab file is available on all host nodes. A keytab is a file containing pairs of Kerberos principals and encrypted keys (which are derived from the Kerberos password). You can use a keytab file to authenticate to various remote systems using Kerberos without entering a password.
Enter the name of the Keytab File.
NOTE: If the keytab file is not available on host nodes, use the Change button to upload the keytab file to connect to Hadoop.
Click the Validate to confirm if the file exists on the hosts.
From the Kyvos Preferences list, select any one of the following:Â
Keytab Principal User Â
Kyvos Logged in User
 You can specify Kyvos User preferences for Hadoop access as either Keytab Principal User with administrative rights or Kyvos Logged in User with specific access rights to perform activities as per the user's privileges. This user is used for all activities requiring Hadoop access by Kyvos, such as semantic model process.
Click Save.Â
Enter your Kyvos Manager Password.Â
​
Copyright Kyvos, Inc. All rights reserved.