Cloudera Enterprise 5.15.x | Other versions
Sqoop 2 Authentication
This section describes how to configure Sqoop 2 with Kerberos security in a Hadoop cluster.
Note: Sqoop 2 is being deprecated. Cloudera recommends using Sqoop 1.Create the Sqoop 2 Principal and Keytab File
You need to create a sqoop2.keytab file for Sqoop 2. Follow these steps:
- Create the principal and keytab file:
kadmin: addprinc -randkey sqoop2/fully.qualified.domain.name@YOUR-REALM.COM kadmin: xst -k sqoop2.keytab sqoop2/fully.qualified.domain.name
- Move the file into the Sqoop 2 configuration directory and restrict its access exclusively to the sqoop2 user:
$ mv sqoop2.keytab /etc/sqoop2/conf/ $ chown sqoop2 /etc/sqoop2/conf/sqoop2.keytab $ chmod 400 /etc/sqoop2/conf/sqoop2.keytab
For more details on creating Kerberos principals and keytabs, see Step 4: Create and Deploy the Kerberos Principals and Keytab Files.
Configure Sqoop 2 to Use Kerberos
Edit the Sqoop 2 configuration file sqoop.properties file in the /etc/sqoop2/conf directory and add the following properties:
org.apache.sqoop.authentication.type=KERBEROS org.apache.sqoop.authentication.handler=org.apache.sqoop.security.KerberosAuthenticationHandler org.apache.sqoop.authentication.kerberos.principal=sqoop2/fully.qualified.domain.name@YOUR-REALM.COM org.apache.sqoop.authentication.kerberos.keytab=/etc/sqoop2/conf/sqoop2.keytab
Page generated May 18, 2018.
| << Configuring Spark on YARN for Long-Running Applications | ©2016 Cloudera, Inc. All rights reserved | Sqoop 1, Pig, and Whirr Security >> |
| Terms and Conditions Privacy Policy |