[
https://issues.apache.org/jira/browse/HADOOP-8215?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13244654#comment-13244654
]
Todd Lipcon commented on HADOOP-8215:
-------------------------------------
I'm starting to work on this. Here's the plan:
bq. integrate with ZK authentication (kerberos or password-based)
Based on https://github.com/ekoontz/zookeeper/wiki and
http://hbase.apache.org/configuration.html#zk.sasl.auth it looks like the SASL
setup is a bit complicated, though entirely configuration based. I think for a
first pass we should be OK to just use password-based authentication for ZK. I
think this is sufficient because we have a well-defined set of clients that
need to access these znodes, and they don't contain any content that needs to
be encrypted over the wire. We can add SASL support later.
bq. allow the user to configure ACLs for the relevant znodes
This is reasonably straightforward - just needs some additional configuration
keys to specify the ACL, and then tying it in to where we create the znodes.
bq. add keytab configuration and login to the ZKFC daemons
I think it should be OK to re-use the namenode principals here. That simplifies
deployment since it avoids having to add new principals to the KDC, and given
that the ZKFCs are intended to run on the same machines as the NNs, they will
have access to the keytab files by default. Please speak up if you think we
need separate keytabs/principals for the ZKFC daemons.
bq. ensure that the RPCs made by the health monitor and failover controller
properly authenticate to the target daemons
This is just a matter of making sure we set up the target principal in the
Configuration, and do the proper login/doAs before we start the main ZKFC code.
> Security support for ZK Failover controller
> -------------------------------------------
>
> Key: HADOOP-8215
> URL: https://issues.apache.org/jira/browse/HADOOP-8215
> Project: Hadoop Common
> Issue Type: Improvement
> Components: auto-failover, ha
> Affects Versions: 0.23.3, 0.24.0
> Reporter: Todd Lipcon
> Assignee: Todd Lipcon
> Priority: Critical
>
> To keep the initial patches manageable, kerberos security is not currently
> supported in the ZKFC implementation. This JIRA is to support the following
> important pieces for security:
> - integrate with ZK authentication (kerberos or password-based)
> - allow the user to configure ACLs for the relevant znodes
> - add keytab configuration and login to the ZKFC daemons
> - ensure that the RPCs made by the health monitor and failover controller
> properly authenticate to the target daemons
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
