All Cloudera Operational Databases (CODs) are secured with Kerberos-based authentication, meaning that only authorized users can connect to your database. All HBase and Phoenix Thick JDBC clients must have a proper Kerberos configuration on the host where they run a client.
Run the following command to obtain the necessary Kerberos information and a
krb5.conffile encoded with Base64 :
$ cdp opdb describe-client-connectivity --environment-name [***YOUR ENVIRONMENT***] \ --database-name [***YOUR DATABASE NAME***] | jq -r \ ‘.kerberosConfiguration.krb5Conf’ | base64 --decode
- Copy the output of the command.
- Add the contents into the /etc/krb5.conf file on your edge node.
kinitcommand to validate that you are able to obtain a Kerberos ticket:
$ kinit [***CDP WORKLOAD NAME***] Password: [***CDP WORKLOAD PASSWORD***]
For more information, see CDP workload user and Setting the workload password.
If you successfully authenticate, you will not receive an error and will be able to
validate that you have a ticket using the
klist command. For more
information, see Installing CDP CLI beta.