Configuring Kerberos with DataStax Enterprise

Enabling Kerberos authentication in DataStax Enterprise.

This tutorial is intended for anyone interested in enabling Kerberos authentication in DataStax Enterprise and OpsCenter. It provides step-by-step instructions on configuring DataStax Enterprise as Kerberos clients.

Goals of the tutorial

At the completion of this tutorial you will have a DataStax Enterprise cluster that authenticates principals against a Kerberos realm. You will install the correct client libraries on each node and configure DataStax Enterprise to connect to the Kerberos server to perform authentication.

Before you start this tutorial

You must:
  • Have a basic understanding of how Kerberos works
  • Have a running Kerberos server and the proper administration permissions
  • Know your Kerberos realm name, and the fully-qualified domain names of all the nodes in your DataStax Enterprise cluster
  • Have the ability to install software on the machines on which you want to use Kerberos and DataStax Enterprise
  • Be familiar with running commands from a Unix terminal
  • Have the following software installed:
    • DataStax Enterprise 4.7 or later.
    • A Kerberos 5 server configured for your Kerberos realm.
    • NTP configured on each node of your cluster.
    • DNS configured on each node of your cluster.

    You will install the following software while completing the steps in this tutorial:

    • Kerberos 5 client libraries for your operating system.

Resources for setting up a Kerberos realm

This tutorial doesn't document how to set up a Kerberos realm. If you need to set up a Kerberos realm, see the following resources: