我们有30个节点的hdp2.6.5集群运行ambari堆栈。
问题:我们的druid kerberos票证不是自动续签的,每24小时,我们手动运行kinit进行续签,
举例说明:
druid@server01:~$ klist -f
Ticket cache: FILE:/tmp/krb5cc_1011
Default principal: druid-nirulabs_prod@nirulabs
Valid starting Expires Service principal
04/06/2020 11:59:37 04/07/2020 11:59:37 krbtgt/nirulabs@nirulabs
renew until 04/06/2020 11:59:37, Flags: FRIkrb5.conf文件
druid@server01:~$ cat /etc/krb5.conf
[libdefaults]
renew_lifetime = 7d
forwardable = true
default_realm = nirulabs
ticket_lifetime = 24h
dns_lookup_realm = false
dns_lookup_kdc = false
default_ccache_name = /tmp/krb5cc_%{uid}
#default_tgs_enctypes = aes des3-cbc-sha1 rc4 des-cbc-md5
#default_tkt_enctypes = aes des3-cbc-sha1 rc4 des-cbc-md5
[domain_realm]
nirulabs = nirulabs
[logging]
default = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
kdc = FILE:/var/log/krb5kdc.log
[realms]
nirulabs = {
admin_server = kdcserver01.velabs.local
kdc = kdcserver01.velabs.local
}感谢您的帮助。
谢谢你,尼鲁
暂无答案!
目前还没有任何答案,快来回答吧!