Kerberos configurations for HWC
You learn how to set up HWC for Kerberos, or not. You set properties and values depending on the JDBC_CLUSTER or JDBC_CLIENT option you configure.
In CDP Private Cloud Base, you need to configure HWC options in
configuration/spark-defaults.conf
, depending on the read option you select.
Alternatively, you can set the properties using the spark-submit/spark-shell
--conf
option.
Secured cluster configuration
For Spark applications on a kerberized Yarn cluster, set the following property:
spark.sql.hive.hiveserver2.jdbc.url.principal
. This property must be
equal to hive.server2.authentication.kerberos.principal
.
On a kerberized YARN cluster, set the following property:
- JDBC_CLUSTER option in a secured cluster
- Property:
spark.security.credentials.hiveserver2.enabled
- Value:
true
- Comment:
true
by default
- Property:
- JDBC_CLIENT option in a secured cluster
- Property:
spark.security.credentials.hiveserver2.enabled
- Value:
false
- Property:
Unsecured cluster configuration
In an unsecured cluster, set the following property:
- Property:
spark.security.credentials.hiveserver2.enabled
- Value:
false