How predefined Kerberos principals are used in Cloudera Data Warehouse on premises
By default, Cloudera Data Warehouse creates Kerberos principal names for Database Catalogs and Environments using the service hostname and the deterministic namespace name based on the name of the Database Catalog or Environment when you create a Database Catalog or an Environment. However, you can generate and provide the keytabs, if needed.
The service principals for Cloudera Data Warehouse need to be the same as on the base cluster. For more information, see Customizing Kerberos principals in the Cloudera Base on premises documentation.
By default, the host principals are generated programmatically. You can generate and provide the keytabs, but the hostnames in the Kerberos principals are fixed. Cloudera Data Warehouse uses a deterministic namespace and environment IDs for the Kerberos principals.
| Cloudera Data Warehouse entity | User-specified name | Namespace IDs with Cloudera Data Warehouse-assigned prefix | Hive Kerberos principal name |
|---|---|---|---|
| Environment | my-test-env | env-my-test-env-default | hive/dwx-env-my-test-env.cdp.local@REALM.EXAMPLE.COM |
| Database Catalog | my-test-catalog | warehouse-my-test-catalog | hive/metastore-service.warehouse-warehouse-my-test-catalog.svc.cluster.local@REALM.EXAMPLE.COM |
| Virtual Warehouse | my-impala-warehouse | impala-my-impala-warehouse | NA |
