Updated README with Kerberos information

smithzc · smithzc · commit 56969132ed90 · 2019-02-26T17:59:44.000Z
diff --git a/v6/README.md b/v6/README.md
@@ -57,6 +57,12 @@ In addition, further customization of the cluster deployment can be done by modi
 
 This does require some knowledge of Python - modify at your own risk.  These functions contain Cloudera specific tuning parameters as well as host mapping for roles.
 
+## Kerberos Secure Cluster by Default
+
+This automation now defaults to using a local KDC deployed on the Cloudera Manager instance for secure cluster operation.  Please read the scripts [README](../blob/master/scripts/README.md) for information regarding how to set these parameters prior to deployment.
+
+Also - for cluster management, you will need to manually create at a minimum the HDFS Superuser Principal as [detailed here](https://www.cloudera.com/documentation/enterprise/latest/topics/cm_sg_using_cm_sec_config.html#create-hdfs-superuser) after deployment.
+
 ## Cloudera Manager and Cluster Metadata Database
 You are able to customize which database you want to use for Cloudera Manager and Cluster Metadata.   In compute.tf you will see a "user_data" field for the Utility instance:
 
@@ -81,7 +87,11 @@ This will create all the required elements in a compartment in the target OCI te
 
 After Terraform is finished deploying, the output will show the Python syntax to trigger cluster deployment.  This command can be run immediately following deployment, as it has built-in checks to wait until Cloudera Manager API is up and responding before it executes deployment.  The syntax is as follows:
 
-	python scripts/deploy_on_oci.py -m <master_ip> -d <disk_count> -w <worker_shape>
+	python scripts/deploy_on_oci.py -B -m <master_ip> -d <disk_count> -w <worker_shape>
+
+It is also possible to destroy an existing cluster with this script using Cloudera Manager
+
+	python scripts/deploy_on_oci.py -D -m <master_ip>
 
 ## Destroy the Deployment
 
diff --git a/v6/scripts/README.md b/v6/scripts/README.md
@@ -14,7 +14,7 @@ With the introduction of local KDC for secure cluster, this requires some setup
   * kdc_server - This is the hostname where KDC is deployed (defaults to Cloudera Manager host)
   * realm - This is set to hadoop.com by default.
   * REALM - This is set to HADOOP.COM by default.
-* cm_boot_mysql.sh - 
+* cm_boot_mysql.sh 
   * KERBEROS_PASSWORD - This is used for the root/admin account.
   * SCM_USER_PASSWORD - By default the cloudera-scm user is given admin control of the KDC.  This is required for Cloudera Manager to setup and manage principals, and the password here is used by that account.
   * kdc_server - Defaults to local hostname.
