Configure a Secure HBase Sink
IMPORTANT This component is deprecated. Hewlett Packard
Enterprise recommends using an alternate product. For more information, see Discontinued Ecosystem Components.
Configure Flume agents to use Kerberos when you want to write sinks to secure HBase.
- Create a keytab file called
flume.keytab
that contains a principal that matches the Kerberos identity of the user that will be runningflume-ng
. For example:# kadmin : addprinc -randkey username/<FQDN@REALM> : ktadd -k /opt/mapr/conf/flume.keytab username/<FQDN@REALM>
The
flume.keytab
file must be owned and readable only by themapr
user. - In the
flume.conf
file, configure the following properties:Property Value Description <agent>.sinks.<hbaseSink>.kerberosPrincipal
username/FQDN@REALM.COM The Kerberos identity of the user running flume-ng
.<agent>.sinks.<hbaseSink>.kerberosKeytab
path_to_keytab The path to a valid keytab file (flume.keytab) for the user running flume-ng
For additional properties that you may want to configure, see the Apache Flume documentation.
NOTE Once Kerberos is enabled, the maprlogin ticket generation is performed
implicitly.