Enabling custom Kerberos principal support in a Queue Manager cluster
In a secure Queue Manager cluster you can enable custom Kerberos principal using Cloudera Manager.
Ensure your Queue Manager cluster is secure. For that check if it runs on port 7183.
- In Cloudera Manager, navigate to .
- Search for admin acl.
-
Find the Admin ACL (
yarn_admin_acls
) property. - Add the user you want to use for the Kerberos principal to the list of Admin ACL property.
- Click Save Changes.
- Restart the YARN service.
- Navigate to .
- Search for kerberos principal.
-
Find the Kerberos Principal
(
kerberos_princ_name
) property. - Add the same user you added to the Admin ACL property.
- Click Save Changes.
- Restart the YARN Queue Manager service to avoid staleness.