Lustre's autoconf scripts require Kerberos to be installed when --enable-gss is specified. Currently, only the Kerberos GSSAPI mechanism supported by Lustre, but others are planned in the future, such as those being developed for shared key authentication (project SFS-DEV-001.2). GSSAPI is meant to allow calling code to be mechanism-agnostic, so requiring Kerberos defeats that purpose.
The definition of the LC_CONFIG_GSS macro in lustre/autoconf/lustre-core.m4 unconditionally calls AC_KERBEROS_V5 from lustre/autoconf/kerberos.m4, which fails when Kerberos isn't found:
dnl We didn't find a usable Kerberos environment
if test "x$KRBDIR" = "x"; then
if test "x$krb5_with" = "x"; then
AC_MSG_ERROR(Kerberos v5 with GSS support not found: consider --disable-gss or --with-krb5=)
AC_MSG_ERROR(Kerberos v5 with GSS support not found at $krb5_with)
This macro ought to instead note the location of the Kerberos headers and libraries but not result in a fatal error if they don't exist. I don't know if this approach will result in link-time or runtime errors that would also need to be corrected.
Ubuntu also needs GSS libraries: