Once the Kerberos setup is completed and the user principals are added to KDC, we can configure Hadoop to use Kerberos authentication. It is assumed that a Hadoop cluster in a non-secured mode is configured and available. We will begin the configuration using Cloudera Distribution of Hadoop (CDH4).
The steps involved in configuring Kerberos authentication for Hadoop are shown in the following figure:
In each of the Hadoop node (master node and slave node), we need to install the Kerberos client. This is done by installing the client packages and libraries on the Hadoop nodes.
For RHEL/CentOS/Fedora, we will use the following command:
yum install krb5-libs krb5-workstation
For Ubuntu, we will use the following command:
apt-get install krb5-user