(DEPRECATED) Apache Flink User Mailing List archive.

Flink 1.6.1 Kerberos configuration

classic Classic list List threaded Threaded
2 messages Options
Marke Builder
Reply | Threaded
Open this post in threaded view
|

Flink 1.6.1 Kerberos configuration

Marke Builder
Hello,

I'm using flink 1.6.1 for streaming. In addition I need access to an storage layer with kerberos auth. . I added the following parameter in the flink-conf.yml 

security.kerberos.login.use-ticket-cache: true
security.kerberos.login.keytab: /.../*.keytab
security.kerberos.login.principal: *@*

But after a view days (token expired) the job failed with the GSSException:
No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)

Do I have to make additional settings or have I missed something else?

Thanks and Best Regards,
Marke
Andrey Zagrebin-3
Reply | Threaded
Open this post in threaded view
|

Re: Flink 1.6.1 Kerberos configuration

Andrey Zagrebin-3
Hi Marke,

which storage layer causes the problem?
Not sure, but some implementations might use different approaches internally and not update ticket automatically or use hadoop/jaas security.

Best,
Andrey

On Fri, Feb 22, 2019 at 9:45 AM Marke Builder <[hidden email]> wrote:
Hello,

I'm using flink 1.6.1 for streaming. In addition I need access to an storage layer with kerberos auth. . I added the following parameter in the flink-conf.yml 

security.kerberos.login.use-ticket-cache: true
security.kerberos.login.keytab: /.../*.keytab
security.kerberos.login.principal: *@*

But after a view days (token expired) the job failed with the GSSException:
No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)

Do I have to make additional settings or have I missed something else?

Thanks and Best Regards,
Marke
Free forum by Nabble Edit this page