Table of Contents

Search

  1. Preface
  2. Introduction to TDM Administration
  3. User and Role Administration
  4. Security Administration
  5. System Preferences
  6. TDM Server Administration
  7. Connections
  8. Pass Phrases
  9. Global Parameters
  10. Dictionaries
  11. User-Defined Datatypes

Administrator Guide

Administrator Guide

Configuring PowerCenter for Kerberos-Enabled Hadoop HDFS Cluster

Configuring PowerCenter for Kerberos-Enabled Hadoop HDFS Cluster

You must configure PowerCenter for a Kerberos-enabled Hadoop cluster before you create and use a Hadoop HDFS connection that uses Kerberos authentication. TDM generates PowerCenter mappings when you use a Hadoop HDFS connection.
Before you configure PowerCenter for a Kerberos-enabled cluster, perform the following prerequisite tasks:
  • Install the latest version of JCE policy files.
  • Ensure that the KRB5_CONFIG environment variable contains the
    krb5.conf
    file location. Ensure that the entries are correct in the
    krb5.conf
    file. Copy the
    krb5.conf
    file in the following path:
    <Informatica installation directory>/TDM/datadirect
  • Ensure that you have read permissions to the ticket cache file.
  1. Create a directory in the location where you install Informatica with the PowerCenter Integration Service running so that the Informatica administrator user has read/write access to the folder. For example, create a directory in the following location:
    <Informatica installation directory>/hadoophdfs/conf/
  2. Copy the following files from a Hadoop cluster to the directory that you created:
    • /etc/hadoop/conf/core-site.xml
    • /etc/hadoop/conf/mapred-site.xml
    • /etc/hadoop/conf/hdfs-site.xml
    • /etc/hive/conf/hive-site.xml
  3. Ensure that the Informatica administrator user exists on all Hadoop cluster nodes and has the same UID. To create the Kerberos ticket cache file, run the
    kinit
    command on all nodes.
  4. To create the Kerberos ticket cache file, run the
    kinit
    command on the Informatica node where the PowerCenter Integration Service is running.
    The ticket cache file is in the following format:
    /tmp/krb5cc_<UID>
    Use the
    kinit
    command to verify, validate, and renew the tickets.
  5. Edit the
    core-site.xml
    file in the directory and add the following parameters:
    <property> <name>hadoop.security.kerberos.ticket.cache.path</name> <value>/tmp/REPLACE_WITH_CACHE_FILENAME</value> <description>Path to the Kerberos ticket cache.</description> </property>
  6. In the Administrator tool, select the PowerCenter Integration Service and click the
    Processes
    tab.
  7. On the
    Environment Variables
    tab, click
    Edit
    . In the CLASSPATH environment variable, add the directory that you created.
  8. Restart the PowerCenter Integration Service.
You can use a Hadoop HDFS connection that uses Kerberos authentication.

0 COMMENTS

We’d like to hear from you!