You can disable Kerberos on your Db2 or Db2 Warehouse deployment.
Procedure
To disable Kerberos authentication, complete the following steps.
-
Update the db2uinstance custom resource (CR) and revert the database manager configurations by
modifying the following properties under the
instance.dbmConfig block.
instance:
dbmConfig:
AUTHENTICATION: "SERVER_ENCRYPT"
CLNT_KRB_PLUGIN: "NULL"
SRVCON_AUTH: "NOT_SPECIFIED"
SRVCON_GSSPLUGIN_LIST: "NULL"
- Delete the following properties under the
instance.registry block.
DB2AUTH: OSAUTHDB,ALLOW_LOCAL_FALLBACK
DB2ENVLIST: KRB5_KTNAME
- Save the CR.
The instance changes to NotReady and then back to Ready.
Kerberos is now disabled.
Note:
Do not remove the Volumesource for the db2u-krb5-config-cm configmap even when
disabling Kerberos.
Optionally, keytabs can be removed from under
/mnt/blumeta0/SystemConfig/kerberos.