Virtual schema - Kerberos connection to Impala

gcekol
SQL-Fighter

Dear all,

I'm trying establish a connection from Exasol to Impala that is Kerberos secured.

This is what I've found on Github:

python tools/create_kerberos_conn.py krb_conn krbuser@EXAMPLE.COM /etc/krb5.conf ./krbuser.keytab \
'jdbc:impala://<Impala host>:<port>;AuthMech=1;KrbRealm=EXAMPLE.COM;KrbHostFQDN=host.example.com;KrbServiceName=impala'

I've done this already while I was connecting Cognos to Impala, so I have all the files.

What I am not sure is where do I need to store the krb5.conf and *.keytab file? On local machine or do I need to upload it to Exasol server.

I'm not much of UNIX/Linux person, so if those files need to be on Exasol server, can you tell me how to do it?

 

Thank you in advance!

 

Goran 

6 REPLIES 6

gcekol
SQL-Fighter

I will try to see if there is somekind of firewall problem.

gcekol
SQL-Fighter

Firewall is not an issue.

 

exa-Nico
Community Manager
Community Manager

Hi Goran, 

You don't need to store the conf or keytab file in the Exasol server. You need to run the python script on your local machine (or any machine) and within your execution put the path to the conf and keytab file there.

The script will generate a CREATE CONNECTION command which you just need to copy to the database.

Sports Enthusiast. Database Guy. Member of Team Exasol.
Having trouble? Just let me know!

Please Give Kudos if you find this post useful and also mark this as Accepted Solution if this is the required solution

gcekol
SQL-Fighter

Thank you for your answer!

I need to install Python locally, run the script and hopefully everything will be fine.

exa-Nico
Community Manager
Community Manager

Fingers crossed that everything's fine 😉

Sports Enthusiast. Database Guy. Member of Team Exasol.
Having trouble? Just let me know!

Please Give Kudos if you find this post useful and also mark this as Accepted Solution if this is the required solution

gcekol
SQL-Fighter

Well, it doesn't work yet and I still need a little bit of help.

I've installed Python and I was able to run the create_kerberos_conn.py

Syntax:

python folder> create_kerberos_conn_py -r -o out.txt IMPALA_CONNECTION bddwh@BDSIM.SIT.PBZ.HR krb5.conf krb5.keytab

Result was out.exe file (see in attachment)

 

After that I run on DBVisualizer following code:

 

CREATE OR REPLACE CONNECTION IMPALA_CONNECTION TO 'jdbc:impala://<server_name>:<port>;AuthMech=1;KrbRealm=BDSIM.SIT.PBZ.HR; KrbHostFQDN=<servername@BDSIM.SIT.PBZ.HR>; KrbService Name = 'impala';

USER bddwh@BDSIM.SIT.PBZ.HR IDENTIFIED BY 'large string from out.txt file'

 

I have tried with FQDN and with IP adress for server name.

The error message is also in attachment.

 

Thank you in advance!

Goran