OpsCenter Kerberos configuration options

Reference of available OpsCenter configuration options for Kerberos.

cluster_name.conf

The location of the cluster_name.conf file depends on the type of installation:
  • Package installations: /etc/opscenter/clusters/cluster_name.conf
  • Tarball installations: install_location/conf/clusters/cluster_name.conf

address.yaml

The location of the address.yaml file depends on the type of installation:
  • Package installations: /var/lib/datastax-agent/conf/address.yaml
  • Tarball installations: install_location/conf/address.yaml
This reference lists the available OpsCenter configuration options for Kerberos.
Note: The OpsCenter console is the most convenient way to configure basic OpsCenter connection settings for authentication and encryption.

Cluster configuration for Kerberos

The following configuration options are available in cluster_name.conf:

[kerberos] default_service
The default Kerberos service name (Example: cassandra).
[kerberos] default_hostname
The default Kerberos hostname.
[kerberos] default_client_principal
The default Kerberos client principal (Example: cassandra@realm).
[kerberos] default_client_user
The default Kerberos client user.
[kerberos] opscenterd_client_principal
The OpsCenter client principal in Kerberos (Example: user@realm).
[kerberos] opscenterd_keytab_location
Full path to the keytab containing keys for opscenterd_client_principal on the OpsCenter machine.
[kerberos] agent_client_principal
The DataStax agent client principal in Kerberos (Example: user@realm).
[kerberos] agent_keytab_location
Full path to the keytab containing keys for agent_client_principal on the DataStax agent machine.
[kerberos] debug
Whether to output debug messages during Kerberos connection attempts from OpsCenter.

Agent configuration for Kerberos

The following configuration options are available in address.yaml:

kerberos_service
The Kerberos service name to use when using Kerberos authentication within DSE. Example: kerberos_service: cassandra-kerberos
kerberos_keytab_location
The Kerberos keytab location when using Kerberos authentication within DSE. Example: kerberos_keytab_location: /path/to/keytab.keytab
kerberos_client_principal
The Kerberos client principal to use when using Kerberos authentication within DSE. Example: kerberos_client_principal: cassandra@hostname