cd directroy-kerby/has-project/supports/zookeeper mvn clean package
cp directroy-kerby/has-project/supports/zookeeper/lib/* $ZOOKEEPER_HOME/lib/
cp directroy-kerby/has-project/supports/zookeeper/conf/* $ZOOKEEPER_HOME/conf/
Update $ZOO_CONF_DIR/jaas.conf Replace “_HOST” with the specific hostname for each host
Server { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true keyTab="/path/to/zookeeper.keytab" storeKey=true useTicketCache=true principal="zookeeper/_HOST@HADOOP.COM"; }; Client { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true keyTab="/home/hdfs/keytab/hbase.keytab" storeKey=true useTicketCache=false principal="zookeeper/_HOST@HADOOP.COM"; };
Update conf/zoo.cfg
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider jaasLoginRenew=3600000 kerberos.removeHostFromPrincipal=true kerberos.removeRealmFromPrincipal=true
zkCli.sh -server hostname:port create /znode1 data sasl:zookeeper:cdwra getAcl /znode1
The results from getAcl should show that the proper scheme and permissions were applied to the znode.
like: 'sasl,'zookeeper