Connecting to Secure Clusters with Kerberos Enabled
-
Create a
Kerberos
directory on a local system. -
Copy
hive.service.keytab
from un0 node (HiveServe2 node) of the ODH cluster to theKerberos
directory, and then rename it tooac.keytab
. -
Copy
/etc/krb5.conf
from un0 node of the ODH cluster to theKerberos
directory and rename it tokrb5conf
. -
Update
admin_server
andkdc
information inkrb5conf
with the public IP of cluster's mn0 node instead of hostname. -
Create a file named
service_details.json
insideKerberos
directory. For example:{ "Host" : "<Public IP of HiveServer2 node(un0)>", "Port" : "10000", "ServicePrincipalName" : "hive/<FQDN of HiveServer2 node(un0)>@<REALM_NAME>" }
-
Create a zip for
Kerberos
directory. For example:$ ls -1 kerberos krb5conf oac.keytab service_details.json $ zip -r SSLKerberos.zip kerberos/*
- To create a connection for Kerberos enabled ODH Open the navigation menu and click Analytics & AI. Under Analytics, click Analytics Cloud..
-
To connect to an Oracle Analytics Cloud instance, select the compartment in which you created the instance.
If needed, create an instance. See Creating an OAC Instance.
- Click the instance name.
- Click Analytics Home Page.
- Click Create, and then select Connection.
- Select Apache Hive.
-
Enter a name for the connection, and then enter the remaining details with the following specifics:
- Authentication Type - Select Kerberos
- Client Credentials - Select
SSLKerberos.zip
from the local system - Authentication - Select Always use these credentials
- Click Save.
- To verify the connection, go to the OAC home page and click Connect to Your Data.
-
Click the connection you created.
If successful, the hive database tables are listed.