Todd Lipcon has posted comments on this change.

Change subject: [docs] Add security guide
......................................................................


Patch Set 1:

(20 comments)

http://gerrit.cloudera.org:8080/#/c/6479/1/docs/security.adoc
File docs/security.adoc:

Line 31: access from unwanted users. This guide will explain the security features
> change to 'unauthorized users'?

Done


PS1, Line 38: amongst
> "among"

Done


PS1, Line 40: gaining access to Kudu
> maybe add something like "and securely identifies the connecting user for t

Done


Line 48: but will allow unauthenticated connections. When `disabled`, Kudu will only
> perhaps add a 'NOTE' section saying something about how the 'optional' auth

Done


PS1, Line 51: 1000's
> "thousands"

Done


PS1, Line 54: Master
> We don't usually capitalize this, IIRC.

Done


Line 60: Kudu uses an internal PKI system to issue certificate credentials to servers in
> specify X509

Done


PS1, Line 67: internally issued
> nit: internally-issued

Done


PS1, Line 72: ,
            : see <<known-limitations>> for more information.
> punctuation

actually decided to remove this since it's user-facing docs and "in the future" is too fuzzy


PS1, Line 78: when authenticating
> to authenticate

Done


PS1, Line 80: For the most
            : part
> Is there any circumstances under which a token is NOT transparent? If no, t

there are some cases (eg when writing integrations with things like spark/impala/drill/etc) where people may need to care, so leaving it. But I don't want to explain the details here since it may distract from the overall docs.


Line 110: web UI HTTPS configuration.
> do we need to mention http basic authentication is also supported, even tho

I noticed that the webserver_password_file flag is not marked as 'stable' yet so I think we should avoid documenting it until it is. Do you mind doing another patch for 1.4 which marks them as stable and adds docs?


Line 113: be redacted. (TODO: explain how to turn this off). Table metadata, such as table
> @Todd, looking at logging.h , just realized we are using the same value of

yea, I think that's a mistake though since you added the ability to group. Let's not document for now and later switch it to a separate 'web' flag.


PS1, Line 115: disabled setting
> disabled by setting

Done


Line 142: # OR, turn off the web UI entirely.
> Would be nice to reformat to emphasize this OR is vs. all of the --webserve

Done


PS1, Line 152: some
> extra some

Done


PS1, Line 156: Long-lived Tokens:: Kudu clients do not yet automatically request fresh tokens
             : after initial token expiration, so long-lived clients in secure clusters are not
             : supported.
> Does this affect Impala? Or is the lifespan of a Kudu client scoped to an i

Done


PS1, Line 163: externally issued
> externally-issued

Done


PS1, Line 166: Fine-grained Authorization:: Kudu does not have the ability to restrict access
             : based on operation type or target (table, column, etc).
> This is the first I'm seeing about authz; I take it some documentation on "

Done


Line 172: Web UI Authentication:: The Kudu web UI lacks authentication, so individual
> At least we support http basic authentication, do we need to be more specif

see above, I think we should mark it stable before documenting?


--
To view, visit http://gerrit.cloudera.org:8080/6479
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Iabf60804975dc105243626be48d3a141c9a4dab5
Gerrit-PatchSet: 1
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <[email protected]>
Gerrit-Reviewer: Adar Dembo <[email protected]>
Gerrit-Reviewer: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Ambreen Kazi <[email protected]>
Gerrit-Reviewer: Dan Burkert <[email protected]>
Gerrit-Reviewer: Hao Hao <[email protected]>
Gerrit-Reviewer: Jean-Daniel Cryans <[email protected]>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Mike Percy <[email protected]>
Gerrit-Reviewer: Todd Lipcon <[email protected]>
Gerrit-Reviewer: Will Berkeley <[email protected]>
Gerrit-HasComments: Yes
