Connecting Db2 Big SQL to a Hadoop cluster with a manually managed Kerberos configuration

To connect Db2 Big SQL to a Cloudera Hadoop cluster that is secured by Kerberos when the Kerberos configuration is not managed by Cloudera Manager, you must update the Db2 Big SQL secret after you provision a Db2 Big SQL instance.

1. Log in to Red Hat® OpenShift® Container Platform as an instance administrator.

   ${OC_LOGIN}

   Remember: OC_LOGIN is an alias for the oc login command.
2. Change to the project where the IBM® Software Hub control plane is installed:

   oc project ${PROJECT_CPD_INST_OPERANDS}

3. Get the Db2 Big SQL secret:

   export bigsqlSecret=$(oc get secret | grep bigsql-secret | awk '{print $1}')

4. Convert the Kerberos configuration file to a secret:

   export secret=$(base64 krb5.conf | awk ' { secret = secret $0 }; END { print secret } ')

5. Update the Db2 Big SQL secret with the Kerberos secret:

   oc patch secret $bigsqlSecret --patch '{"data": {"krb5-conf": "'$secret'"}}'

6. Update the Db2 Big SQL secret with the Kerberos krbPrincipal.
   Note: Adjust the Kerberos admin principal to match the principal in your environment.

   oc patch secret $bigsqlSecret --patch '{"data": {"krbPrincipal": "'$(printf 'root/admin@IBM.COM' | base64)'"}}'

7. Update the Db2 Big SQL secret with the Kerberos password.
   Note: Adjust the Kerberos admin password to match the password in your environment.

   oc patch secret $bigsqlSecret --patch '{"data": {"krbPassword": "'$(printf 'admin' | base64)'"}}'

8. Get the Db2 Big SQL custom resource name:

   export cr_name=$(oc get cm bigsql-db2-big-sql-1-cm -o custom-columns=CR_NAME:.metadata.labels.app --no-headers=true)

9. Trigger the refresh of the Hadoop configuration:

   oc patch bigsql $cr_name --patch '{"spec": {"hadoopCluster": {"generation": 2}}}' --type merge

10. Wait until Db2 Big SQL is in a Ready state:

    oc get bigsql

11. Restart the Db2 Big SQL instance:

    oc exec -it c-$cr_name-db2u-0 -- su - db2inst1 -c 'bigsql stop; bigsql start'