Configuring Phoenix Query Server
The HBase configuration provides most of the settings that enable secure Kerberos environments for Phoenix. However, there are additional configuration properties that complete the setup of Kerberos security for the Phoenix Query Server.
To configure Phoenix Query Server using Cloudera Manager:
Minimum Required Role: Cluster Administrator (also provided by Full Administrator)
- Go to the HBase service.
- Click the Configuration tab.
- Select .
- Select .
- Locate the HBase Secure Authentication property or search for it by typing its name in the Search box.
- Select kerberos.
- Go to the HDFS service.
- Click the Configuration tab.
- Select .
- Select .
- Locate the Cluster-wide Advanced Configuration Snippet (Safety Valve) for core-site.xml property or search for it by typing its name in the Search box.
- Click View as XML, and add the following properties:
<property> <name>hadoop.proxyuser.phoenix.hosts</name> <value>server1.domain.com,server2.domain.com</value> <description>A comma-separated list of fully-qualified domain names of hosts running services with the Hadoop user "phoenix" that can impersonate end users. Alternatively, insert an asterisk (*) instead of listing host names if you want to allow all hosts to impersonate end users.</description> </property><property> <name>hadoop.proxyuser.phoenix.groups</name> <value>group1, group2</value> <description>A comma-separated list of groups that the "phoenix" user can impersonate. Alternatively, insert an asterisk (*) instead of listing groups if you want to allow users in all groups to be impersonated</description> </property> - Enter a Reason for change, and then click Save Changes to commit the changes.
- Restart the role and service when Cloudera Manager prompts you to restart.