我已经设置了一个python docker映像，并包括一个krb5.conf文件，keytab文件和python库。我正在运行一个python脚本，该脚本对经过内核化的hadoop集群进行身份验证。我遇到了错误：Stderr: kinit: Client 'root@MY.DOMAIN.LOCAL' not found in Kerberos database while getting initial credentials.我不知道为什么在设置root时在客户端svc_account上失败了。我是否需要向此krb5.conf文件中添加某些内容或类似的内容？

以下是我的python代码：

import ssl
from impala.dbapi import connect
import os

os.system("kinit")
conn = connect(host='impala/server2primary.my.domain.local@MY.DOMAIN.LOCAL',port=21050,use_ssl=True,user='svc_account@MY.DOMAIN.LOCAL',auth_mechanism = 'GSSAPI')
cur = conn.cursor()
cur.execute('SHOW DATABASES;')
result=cur.fetchall()
for data in result:
    print (data)

我已经设置了krb5.keytab文件：

addent -password -p svc_account@MY.DOMAIN.LOCAL -k 1 -e rc4-hmac
addent -password -p svc_account@MY.DOMAIN.LOCAL -k 1 -e aes256-cts
addent -password -p svc_account@MY.DOMAIN.LOCAL -k 1 -e aes128-cts
wkt /etc/krb5.keytab 

以下是我的krb5.conf文件：

[libdefaults]
default_realm = MY.DOMAIN.LOCAL
dns_lookup_kdc = false
dns_lookup_realm = false
ticket_lifetime = 86400
renew_lifetime = 604800
forwardable = true
default_tgs_enctypes = aes256-cts aes128-cts rc4-hmac
default_tkt_enctypes = aes256-cts aes128-cts rc4-hmac
permitted_enctypes = aes256-cts aes128-cts rc4-hmac
udp_preference_limit = 1
kdc_timeout = 3000

[realms]
MY.DOMAIN.LOCAL = {
kdc = server1primary.my.domain.local
admin_server = server1primary.my.domain.local
default_domain = MY.DOMAIN.LOCAL
}

[domain_realm]
MY.DOMAIN.LOCAL = MY.DOMAIN.LOCAL