AnsweredAssumed Answered

kerberos on mapr

Question asked by cronysatish on Dec 9, 2016
Latest reply on Feb 1, 2017 by aalvarez

Hi All,

 

I am looking at security on mapr and have couple of questions on this.

 

1.  Is is possible to enable kerberos without enabling wire-level security (which I believe is enabling security).

 

2.  I have seen some explanation in a documentation which says. 

 

Configure HBase to use Kerberos 

 

My assumption is kerberizing mapr cluster is not possible without enabling security. Please correct me if I am wrong.  

  1. On a MapR cluster with security features enabled, replace the ${SIMPLE_LOGIN_OPTS} value of theMAPR_HBASE_SERVER_OPTS property with ${KERBEROS_LOGIN_OPTS} and the value of theMAPR_HBASE_CLIENT_OPTS property with ${HYBRID_LOGIN_OPTS}. Also remove the -Dzookeeper.sasl.client=false option from the definition of MAPR_HBASE_CLIENT_OPTS.

    These properties are located in the /opt/mapr/conf/env.sh file.

  2. On a MapR cluster with security features disabled, replace the ${SIMPLE_LOGIN_OPTS} value of theMAPR_HBASE_SERVER_OPTS and MAPR_HBASE_CLIENT_OPTS properties in the /opt/mapr/conf/env.sh file with ${KERBEROS_LOGIN_OPTS}.

Here it refers to kerberizing cluster with security features enabled and without security features enabled. I am confused with this.

 

Thanks all for you help.

Outcomes