OpsCenter Kerberos configuration options
Reference of available OpsCenter configuration options for Kerberos.
cluster_name.conf
The location of the cluster_name.conf file depends on the type of installation:- Package installations: /etc/opscenter/clusters/cluster_name.conf
- Tarball installations: install_location/conf/clusters/cluster_name.conf
address.yaml
The location of the address.yaml file depends on the type of installation:- Package installations: /var/lib/datastax-agent/conf/address.yaml
- Tarball installations: install_location/conf/address.yaml
This reference lists the available OpsCenter configuration options for Kerberos.
Note: The OpsCenter console is the most convenient way to configure basic OpsCenter connection settings for authentication and
encryption.
Cluster configuration for Kerberos
The following configuration options are available in cluster_name.conf:
- [kerberos] default_service
- The default Kerberos service name (Example: cassandra).
- [kerberos] default_hostname
- The default Kerberos hostname.
- [kerberos] default_client_principal
- The default Kerberos client principal (Example: cassandra@realm).
- [kerberos] default_client_user
- The default Kerberos client user.
- [kerberos] opscenterd_client_principal
- The OpsCenter client principal in Kerberos (Example: user@realm).
- [kerberos] opscenterd_keytab_location
- Full path to the keytab containing keys for opscenterd_client_principal on the OpsCenter machine.
- [kerberos] agent_client_principal
- The DataStax agent client principal in Kerberos (Example: user@realm).
- [kerberos] agent_keytab_location
- Full path to the keytab containing keys for agent_client_principal on the DataStax agent machine.
- [kerberos] debug
- Whether to output debug messages during Kerberos connection attempts from OpsCenter.
Agent configuration for Kerberos
The following configuration options are available in address.yaml:
- kerberos_service
- The Kerberos service name to use when using Kerberos authentication within DSE. Example:
kerberos_service: cassandra-kerberos
- kerberos_keytab_location
- The Kerberos keytab location when using Kerberos authentication within DSE. Example:
kerberos_keytab_location: /path/to/keytab.keytab
- kerberos_client_principal
- The Kerberos client principal to use when using Kerberos authentication within DSE. Example:
kerberos_client_principal: cassandra@hostname