wsjz commented on code in PR #21659:
URL: https://github.com/apache/doris/pull/21659#discussion_r1257677909
##########
docs/zh-CN/docs/lakehouse/multi-catalog/hive.md:
##########
@@ -177,6 +154,40 @@ CREATE CATALOG hive PROPERTIES (
"glue.secret_key" = "sk"
);
```
+### 配置 kerberos
+
+集群开启 kerberos 认证的前提下需要在创建 catalog 时增加以下配置项才可正常访问
+
+```sql
+(
+ 'hadoop.security.authentication' = 'kerberos',
+ 'hadoop.kerberos.keytab' = '/your-keytab-filepath/your.keytab',
+ 'hadoop.kerberos.principal' = 'your-princi...@your.com',
+ 'yarn.resourcemanager.principal' = 'your-rm-principal'
+);
+```
+
+请在所有的 BE、FE 节点下放置 krb5.conf 文件和 keytab 认证文件,keytab 认证文件路径和配置保持一致,krb5.conf
文件默认放置在 /etc/krb5.conf 路径。 hive.metastore.kerberos.principal 的值需要和所连接的 hive
metastore 的同名属性保持一致,可从 hive-site.xml 中获取。 yarn.resourcemanager.principal 的值可从
yarn-site.xml 中获取。如若遇到查询 catalog 失败,可在 fe 启动脚本里增加
-Dsun.security.krb5.debug=true -Dsun.security.jgss.debug=true 进行 debug 。
Review Comment:
format configuration arguments, just like the english docs
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For additional commands, e-mail: commits-h...@doris.apache.org
