[
https://issues.apache.org/jira/browse/SQOOP-1525?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14152324#comment-14152324
]
Jarek Jarcec Cecho commented on SQOOP-1525:
-------------------------------------------
Hi [~richard_zhou],
thank you very much for putting together the high-level proposal. Overall, the
proposal looks good to me, but I think that the devil will be details. Are you
planning to put together more technical proposal that will talk about newly
introduced classes/APIs that you're planning to create to support this or
libraries that you are gonna use for the implementation?
Couple of random ideas:
1) On the server side, are you planning to use Hadoop APIs or pure Java ones
(as for example Sentry is doing)?
2) We should be very careful with introducing Kerberos to the REST interface
as we don't want to leak a lot of dependencies to the client. For example, I
don't like Hive JDBC driver as it depends on entire Hadoop stack for just
Kerberos support (that is like hammer to kill a mosquito).
3) Doing this feature iteratively is completely fine - we can prepare some
instrumentation first before providing implementation.
4) I agree with your point about the order and it makes complete sense:
a) Make Sqoop server work with a secured cluster (while having insecure client
connections)
b) Make Sqoop client secure
c) Resolve 3rd party integration (hue, oozie, ...)
4) I particularly like how you are planning to make the authentication
facilities pluggable and I'm definitely for it. We should allow to switch to a
different implementation in the future shell we need that.
> Kerberos support on Sqoop 2
> ---------------------------
>
> Key: SQOOP-1525
> URL: https://issues.apache.org/jira/browse/SQOOP-1525
> Project: Sqoop
> Issue Type: Task
> Components: sqoop2-framework
> Affects Versions: 1.99.4
> Reporter: Richard
> Attachments: SQOOP-1525.pdf
>
>
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
