OpsCenter Kerberos configuration options

This reference lists the available OpsCenter configuration options for Kerberos.

The OpsCenter console is the most convenient way to configure basic OpsCenter connection settings for authentication and encryption.

Cluster configuration for Kerberos

Locate the cluster_name.conf file. The location of this file depends on the type of installation:

  • Package installations: /etc/opscenter/clusters/cluster_name.conf

  • Tarball installations: install_location/conf/clusters/cluster_name.conf

The following configuration options are available in cluster_name.conf:

  • [kerberos] default_service

    The default Kerberos service name (Example: cassandra).

  • [kerberos] default_hostname

    The default Kerberos hostname.

  • [kerberos] default_client_principal

    The default Kerberos client principal (Example: cassandra@realm).

  • [kerberos] default_client_user

    The default Kerberos client user.

  • [kerberos] opscenterd_client_principal

    The OpsCenter client principal in Kerberos (Example: user@realm).

  • [kerberos] opscenterd_keytab_location

    Full path to the keytab containing keys for opscenterd_client_principal on the OpsCenter machine.

  • [kerberos] agent_client_principal

    The DataStax agent client principal in Kerberos (Example: user@realm).

  • [kerberos] agent_keytab_location

    Full path to the keytab containing keys for agent_client_principal on the DataStax agent machine.

  • [kerberos] debug

    Whether to output debug messages during Kerberos connection attempts from OpsCenter.

Agent configuration for Kerberos

Locate the address.yaml file. The location of this file depends on the type of installation:

  • Package installations: /var/lib/datastax-agent/conf/address.yaml

  • Tarball installations: install_location/conf/address.yaml

The following configuration options are available in address.yaml:

  • kerberos_service

    The Kerberos service name to use when using Kerberos authentication within DSE. Example: kerberos_service: cassandra-kerberos

  • kerberos_keytab_location

    The Kerberos keytab location when using Kerberos authentication within DSE. Example: kerberos_keytab_location: /path/to/keytab.keytab

  • kerberos_client_principal

    The Kerberos client principal to use when using Kerberos authentication within DSE. Example: kerberos_client_principal: cassandra@hostname

Related information