Secure-to-secure: Kerberos principal name
Assign the same principle name to applicable NameNodes in the source and destination clusters.
distcp hdfs://cdp-secure hdfs://cdp-secure
One issue here is that the SASL
RPC client requires that the remote server’s Kerberos principal must match the server
principal in its own configuration. Therefore, the same principal name must be assigned to
the applicable NameNodes in the source and the destination cluster. For example, if the
Kerberos principal name of the NameNode in the source cluster is nn/host1@realm, the
Kerberos principal name of the NameNode in destination cluster must be nn/host2@realm,
rather than nn2/host2@realm, for example.