Oracle Cloud Infrastructure Documentation

Connecting to Secure Clusters with Kerberos and SSL Enabled

  1. Create a Kerberos directory on a local system that's an SSL enabled ODH cluster for Hive.
  2. Copy hive.service.keytab from un0 node (HiveServe2 node) of the ODH cluster to the Kerberos directory, and then rename it to oac.keytab.
  3. Copy /etc/krb5.conf from un0 node of the ODH cluster to the Kerberos directory and rename it to krb5conf.
  4. Update admin_server and kdc information in krb5conf with the public IP of cluster's mn0 node instead of hostname.
  5. Create a file named service_details.json inside Kerberos directory. For example: 
    
{
 "Host" : "<Public IPs of SSL enabled cluster>",
 "Port" : "10000",
 "ServicePrincipalName" : "hive/<FQDN of SSL enabled cluster>@<REALM_NAME>"
}
  6. Create a zip for the Kerberos directory. For example: 
    $ ls -1 kerberos
krb5conf
oac.keytab
service_details.json
 
$ zip -r SSLKerberos.zip kerberos/*
  7. To create a connection for Kerberos enabled ODH Open the navigation menu and click Analytics & AI. Under Analytics, click Analytics Cloud..
  8. To connect to an Oracle Analytics Cloud instance, select the compartment in which you created the instance.

    If needed, create an instance. See Creating an OAC Instance.

  9. Click the instance name.
  10. Click Analytics Home Page.
  11. Click Create, and then select Connection.
  12. Select Apache Hive.
  13. Enter a name for the connection, and then enter the remaining details with the following specifics:
    • Authentication Type - Select Kerberos
    • Client Credentials - Select SSLKerberos.zip from the local system
    • Enable SSL - Select this
    • Authentication - Select Always use these credentials
  14. Click Save.