Configuring Kerberos with DataStax Enterprise
Enabling Kerberos authentication in DataStax Enterprise.
This tutorial is intended for anyone interested in enabling Kerberos authentication in DataStax Enterprise and OpsCenter. It provides step-by-step instructions on configuring DataStax Enterprise as Kerberos clients.
Goals of the tutorial
At the completion of this tutorial you will have a DataStax Enterprise cluster that authenticates principals against a Kerberos realm. You will install the correct client libraries on each node and configure DataStax Enterprise to connect to the Kerberos server to perform authentication.
Before you start this tutorial
- Have a basic understanding of how Kerberos works
- Have a running Kerberos server and the proper administration permissions
- Know your Kerberos realm name, and the fully-qualified domain names of all the nodes in your DataStax Enterprise cluster
- Have the ability to install software on the machines on which you want to use Kerberos and DataStax Enterprise
- Be familiar with running commands from a Unix terminal
- Have the following software installed:
- DataStax Enterprise 4.7 or later.
- A Kerberos 5 server configured for your Kerberos realm.
- NTP configured on each node of your cluster.
- DNS configured on each node of your cluster.
You will install the following software while completing the steps in this tutorial:
- Kerberos 5 client libraries for your operating system.
Resources for setting up a Kerberos realm
This tutorial doesn't document how to set up a Kerberos realm. If you need to set up a Kerberos realm, see the following resources:
- Setting Up MIT Kerberos 5 for Debian and Ubuntu
- Setting up Kerberos on Red Hat Enterprise Linux for Red Hat and other compatible distributions that use Yum