To use Kerberos with HDP, either use an existing KDC or install a new one for HDP only. The following gives a very high level description of the installation process. For more information, see RHEL documentation , CentOS documentation, SLES documentation. or Ubuntu documentation.
Install the KDC server:
On RHEL, CentOS, or Oracle Linux, run:
yum install krb5-server krb5-libs krb5-auth-dialog krb5-workstation
On SLES, run:
zypper install krb5 krb5-server krb5-client
On Ubuntu, run:
apt-get install krb5 krb5-server krb5-client
![[Note]](../common/images/admon/note.png)
Note The host on which you install the KDC must itself be secure.
When the server is installed you must edit the two main configuration files, located by default here:
Update the KDC configuration by replacing
EXAMPLE.COMwith your domain andkerberos.example.comwith the FQDN of the KDC host; the configuration files are located:On RHEL, CentOS, or Oracle Linux:
/etc/krb5.conf/var/kerberos/krb5kdc/kdc.conf.
On SLES:
/etc/krb5.conf/var/lib/kerberos/krb5kdc/kdc.conf
On Ubuntu:
/etc/krb5.conf/var/kerberos/krb5kdc/kdc.conf.
Copy the updated
krb5.confto every cluster node.
