Connecting to Apache Solr Data Stores That Use Kerberos Authentication

A secure standalone or cloud Apache Solr can use Kerberos authentication to validate and confirm access requests. You can set up Zoomdata to connect to the secure Solr using the following instructions.

Configuring Zoomdata Services

Obtaining Kerberos Credentials

Each service must have its own unique identifier called a principal. Perform the following steps:

  1. Install the Kerberos client on the CentOS or Ubuntu machine where the Zoomdata Server resides.

  2. Generate Kerberos principal and corresponding keytab for Zoomdata service. Before you proceed, make sure that:

    • Zoomdata service is running on a node with proper Kerberos configuration: /etc/krb5.conf or similar location for your Linux distribution.
    • The Kerberos realm on your environment is the same as the realm specified in the kdc.conf file from the Apache Solr server.
  3. Check the Kerberos configuration (that is, krb5.conf) and validity of the principal and keytab pair using MIT Kerberos client:

    kinit -V -k -t <zoomdata_principal>.keytab <zoomdata_principal@KERBEROS.REALM>
  4. Make the keytab accessible for Zoomdata's Apache Solr connector:

    sudo mkdir /etc/zoomdata
    sudo mv <zoomdata_principal>.keytab /etc/zoomdata
    sudo chown zoomdata:zoomdata /etc/zoomdata/<zoomdata_principal>.keytab
    sudo chmod 600 /etc/zoomdata/<zoomdata_principal>.keytab

Configuring the Zoomdata Apache Solr Connector

  1. Create or update the file named /etc/zoomdata/ If this file already exists, verify that the information below exists in the file:

  2. Restart the Apache Solr connector:

    sudo systemctl restart zoomdata-edc-apache-solr

After you have obtained Kerberos credentials and configured the connector properties, follow the instructions provided in Connecting to Apache Solr to complete the connection.