Before you begin

• •Ensure that the Hadoop Distributed File System administrator created a user account configured to access the Hadoop Distributed File System source system.
• •Ensure that you have the required permissions to access the Hadoop Distributed File System source system.
• •Configure one of the following authentication methods:
• - Kerberos. Requires the Secure Agent to work with a key distribution center (KDC).
• - Non-Kerberos. Requires a configuration file or an access URI to the Hadoop Distributed File System instance.
• •Configure a connection to the Hadoop Distributed File System source system in Administrator.

Verify permissions

Permissions for metadata extraction

• •Creates a user account to access the source system.
• •Grants the user read permissions to the directory from which you want to extract metadata.

Permissions to run data profiles

Permissions to run data classification

Permissions to run glossary association

Configure Kerberos authentication

• •hdfs.keytab
• •core-site.xml
• •hdfs-site.xml

1Open the hosts file located in the following directory on the Secure Agent machine: /etc/hosts
2Add the KDC server IP address to the hosts file in the following format: <KDC Server IP address> <Fully Qualified Name of the KDC server> <Alias Name>
3Save and close the hosts file.
4Copy the krb5.conf file to the following directory: <Secure Agent installation directory>/jdk/jre/lib/security
5Navigate to the directory on the Hadoop cluster node where you store the following files:
• - hdfs.keytab
• - core-site.xml
• - hdfs-site.xml
6Copy KEYTAB and XML files from the Hadoop cluster node to a local Secure Agent directory, for example : /data/Kerberos
You can modify the Kerberos configuration file.
The following code shows a sample Kerberos configuration file:
[libdefaults]
default_realm = *****
dns_lookup_kdc = false
dns_lookup_realm = false
ticket_lifetime = 86400
renew_lifetime = 604800
forwardable = true
default_tgs_enctypes = rc4-hmac
default_tkt_enctypes = rc4-hmac
permitted_enctypes = rc4-hmac
udp_preference_limit = 1
kdc_timeout = 3000
allow_weak_crypto=true
[realms]
<domain name> = {
kdc = *****
admin_server = *****
}
[domain_realm]
Note: If the Kerberos encryption algorithms are not compatible with Java Standard Edition version 11, you can add the allow_weak_crypto=true property in the Kerberos configuration file.
7Restart the Secure Agent machine.

Configure non-Kerberos authentication

If you have the following XML configuration files on your machine, place the files in a directory, for example: /data/Non-Kerberos
• - core-site.xml
• - hdfs-site.xml
If you don't have XML configuration files on your machine, continue to Create a connection.

Create a connection

1In Administrator, select Connections.
2Click New Connection.
3Enter the following connection details:

Property	Description
Connection Name	Unique name of the Hadoop Distributed File System connection that meets the following criteria: - Can contain alphanumeric characters, spaces, and the following special characters: _ . + - - Maximum length is 100 characters. - Is not case sensitive.
Description	Optional description of the connection. The maximum permitted length is 255 characters.
Type	Type of connection. Ensure that the type is Hadoop Files V2.

4If you want to use Kerberos authentication to connect to the Hadoop Distributed File System source system, enter the following properties:

Property	Description
Runtime Environment	A runtime environment is either Informatica Cloud Secure Agent or a serverless runtime environment.
NameNode URI	The access URI to the Hadoop Distributed File System instance.
Configuration Files Path	The directory that contains Kerberos Hadoop Distributed File System configuration files.
Keytab File	The path and file name of the keytab file that contains the encrypted keys and Kerberos principals for Kerberos login.
Principal Name	The principal name that you use to connect to Hadoop Distributed File System with Kerberos authentication.

5If you want to use non-Kerberos authentication with the configuration file to connect to the Hadoop Distributed File System source system, enter the following properties:

Property	Description
Runtime Environment	A runtime environment is either Informatica Cloud Secure Agent or a serverless runtime environment.
User Name	Name of the user that connects to the Hadoop Distributed File System instance.
NameNode URI	The access URI to the Hadoop Distributed File System instance in one of the following formats: - hdfs://<NameNodeURI>:<port>/ - hdfs://<NameNodeURI>:<port>/<source directory> Note: If you don't enter <source directory>, you can include the directory in Metadata Command Center. In the Filters area, select Folder and include the source directory.
Configuration Files Path	The directory that contains non-Kerberos Hadoop Distributed File System configuration files.

6If you want to use non-Kerberos authentication without the configuration file to connect to the Hadoop Distributed File System source system, enter the following properties:

Property	Description
Runtime Environment	A runtime environment is either Informatica Cloud Secure Agent or a serverless runtime environment.
User Name	Name of the user that connects to the Hadoop Distributed File System instance.
NameNode URI	The access URI to the Hadoop Distributed File System instance in one of the following formats: - hdfs://<NameNodeURI>:<port>/ - hdfs://<NameNodeURI>:<port>/<source directory> Note: If you don't enter <source directory>, you can include the directory in Metadata Command Center. In the Filters area, select Folder and include the source directory.

7Click Test Connection.