Maleware

Description

Adds brief docs on troubleshooting Kerberos auth in HBase.

Definition of Done Checklist

  • Not all of these items are applicable to all PRs; the author should update this template to leave in only the boxes that are relevant
  • Please make sure all these things are done and tick the boxes

Author

  • Changes are OpenShift compatible
  • CRD changes approved
  • CRD documentation for all fields, following the style guide.
  • Helm chart can be installed and deployed operator works
  • Integration tests passed (for non trivial changes)
  • Changes need to be "offline" compatible
  • Links to generated (nightly) docs added
  • Release note snippet added

Reviewer

  • Code contains useful comments
  • Code contains useful logging statements
  • (Integration-)Test cases added
  • Documentation added or updated. Follows the style guide.
  • Changelog updated
  • Cargo.toml only contains references to git tags (not specific commits or branches)

Acceptance

  • Feature Tracker has been updated
  • Proper release label has been added
  • Links to generated (nightly) docs added
  • Release note snippet added
  • Add type/deprecation label & add to the deprecation schedule
  • Add type/experimental label & add to the experimental features tracker

@Maleware Maleware self-assigned this Oct 21, 2025
@Maleware Maleware moved this to Development: Waiting for Review in Stackable Engineering Oct 21, 2025
@@ -0,0 +1,18 @@
= Troubleshooting

== Hbase access with kerberos authentication

Suggested change
== Hbase access with kerberos authentication
== HBase access with Kerberos authentication


== Hbase access with kerberos authentication

Currently, xref:zookeeper:index.adoc[Zookeeper] is not secured with authentication. This means, if an application tries to connect to Hbase, it would ask the zookeeper quorum to figure the correct nodes to talk to. In a Java world, you would define a `Client` which would carry the kerberos requirements.

Pls separate sentences with newlines (in docs)

Suggested change
Currently, xref:zookeeper:index.adoc[Zookeeper] is not secured with authentication. This means, if an application tries to connect to Hbase, it would ask the zookeeper quorum to figure the correct nodes to talk to. In a Java world, you would define a `Client` which would carry the kerberos requirements.
Currently, xref:zookeeper:index.adoc[Zookeeper] stacklets can only be secured using mutual TLS.
This means, if an application tries to connect to HBase, it would contact Zookeeper to figure the correct HBase nodes to talk to.
In a Java world, you would define a `Client` which would carry the Kerberos requirements.


Currently, xref:zookeeper:index.adoc[Zookeeper] is not secured with authentication. This means, if an application tries to connect to Hbase, it would ask the zookeeper quorum to figure the correct nodes to talk to. In a Java world, you would define a `Client` which would carry the kerberos requirements.

However, those requirements might be passed through and thus your client ( e.g. xref:spark-k8s:usage-guide:operations:applications.adoc[SparkApplications] ) would try to authenticate with kerberos at the corresponding Zookeeper endpoint. This will result in a kerberos ( authentication ) error.

Suggested change
However, those requirements might be passed through and thus your client ( e.g. xref:spark-k8s:usage-guide:operations:applications.adoc[SparkApplications] ) would try to authenticate with kerberos at the corresponding Zookeeper endpoint. This will result in a kerberos ( authentication ) error.
However, those requirements might be passed through and thus your client (e.g. xref:spark-k8s:usage-guide:operations:applications.adoc[SparkApplications]) would try to authenticate with Kerberos at the corresponding Zookeeper endpoint.
This will result in a Kerberos ( authentication ) error.


However, those requirements might be passed through and thus your client ( e.g. xref:spark-k8s:usage-guide:operations:applications.adoc[SparkApplications] ) would try to authenticate with kerberos at the corresponding Zookeeper endpoint. This will result in a kerberos ( authentication ) error.

To prevent this, you can set a jvm argument like ( again e.g. SparkApplications )

Suggested change
To prevent this, you can set a jvm argument like ( again e.g. SparkApplications )
To prevent this, you can set a JVM argument like this (again e.g. SparkApplications) in all Pods which would like to talk to HBase:

Comment on lines +13 to +15
jvmArgumentOverrides:
add:
- "-Dzookeeper.sasl.client=false"

AFAIK we normally use 2 spaces

Suggested change
jvmArgumentOverrides:
add:
- "-Dzookeeper.sasl.client=false"
jvmArgumentOverrides:
add:
- "-Dzookeeper.sasl.client=false"

Comment on lines +17 to +18

in all pods which would like to talk to Hbase.

Suggested change
in all pods which would like to talk to Hbase.


However, those requirements might be passed through and thus your client ( e.g. xref:spark-k8s:usage-guide:operations:applications.adoc[SparkApplications] ) would try to authenticate with kerberos at the corresponding Zookeeper endpoint. This will result in a kerberos ( authentication ) error.

To prevent this, you can set a jvm argument like ( again e.g. SparkApplications )

Can you please link to https://docs.stackable.tech/home/stable/concepts/overrides/#jvm-argument-overrides?
Please make sure the docs still build afterwards (you need to build the documentation repo locally for that)
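
Review bot: The sentence that introduces `-Dzookeeper.sasl.client=false` ("To prevent this, you can set a jvm argument like ...") does not say what the flag changes or what still protects the connection afterwards. The property turns off SASL authentication in the ZooKeeper client only, so the section should say that it affects the client's ZooKeeper connection and not its Kerberos authentication against HBase, and it should name what secures the ZooKeeper connection once SASL is off. The opening statement "Zookeeper is not secured with authentication" needs to be reconciled with that. It would also help to quote the actual error message, since "a kerberos ( authentication ) error" gives a reader nothing to match against their logs.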

@sbernauer sbernauer moved this from Development: Waiting for Review to Development: In Review in Stackable Engineering Oct 21, 2025