Author: stevel
Date: Tue Jul 1 14:25:30 2014
New Revision: 1607095
URL: http://svn.apache.org/r1607095
Log: SLIDER-192: use hadoop.security.authentication type to indicate whether to use security or not.
Modified: incubator/slider/site/trunk/content/docs/security.md Modified: incubator/slider/site/trunk/content/docs/security.md URL: http://svn.apache.org/viewvc/incubator/slider/site/trunk/content/docs/security.md?rev=1607095&r1=1607094&r2=1607095&view=diff ============================================================================== --- incubator/slider/site/trunk/content/docs/security.md (original) +++ incubator/slider/site/trunk/content/docs/security.md Tue Jul 1 14:25:30 2014 @@ -24,7 +24,7 @@ to deploy secure applications on a secur This document does not cover Kerberos, how to secure a Hadoop cluster, Kerberos command line tools or how Hadoop uses delegation tokens to delegate permissions -round a cluster. These are assumed, though some links to useful pages are +round a cluster. These are prerequisites &em;though some links to useful pages are listed at the bottom. 
@@ -72,20 +72,21 @@ Slider runs in secure clusters, but with * Slider application instance and HBase instance to remain functional and secure over an indefinite period of time. ### Initial Non-requirements -* secure audit trail of cluster operations. -* multiple authorized users being granted rights to a Slider Cluster (YARN admins can always kill the Slider application instance. -* More than one HBase cluster in the YARN cluster belonging to a single user (irrespective of how they are started). +* Secure audit trail of cluster operations. +* Multiple authorized users being granted rights to a Slider Cluster (YARN admins can always kill the Slider application instance. * Any way to revoke certificates/rights of running containers. ### Assumptions * Kerberos is running and that HDFS and YARN are running Kerberized. * LDAP cannot be assumed. -* Credentials needed for HBase can be pushed out into the local filesystems of +* Credentials needed for the application can be pushed out into the local filesystems of the of the worker nodes via some external mechanism (e.g. scp), and protected by the access permissions of the native filesystem. Any user with access to these credentials is considered to have been granted such rights. -* These credentials can outlive the duration of the HBase containers -* The user running HBase has the same identity as that of the HBase cluster. +* These credentials can outlive the duration of the application instances +* The user running the application has the same identity as that of the application. +* All application instances run by a single user can share the same machine-specific +kerberos identities. ## Design @@ -172,7 +173,7 @@ They can also be set on the Slider comma -S java.security.krb5.realm=MINICLUSTER -S java.security.krb5.kdc=hadoop-kdc -### Java Cryptography Exceptions +### Important: Java Cryptography Package When trying to talk to a secure, cluster you may see the message: 
@@ -184,6 +185,8 @@ needed to work with the keys that Kerber from Oracle (or other supplier of the JVM) and installed according to its accompanying instructions. + + ## Useful Links 1. [Adding Security to Apache Hadoop](http://hortonworks.com/wp-content/uploads/2011/10/security-design_withCover-1.pdf)
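Review bot: In the first hunk (@@ -24,7 +24,7 @@) the changed line uses `&em;`, which is not an HTML entity, so the rendered page will show the literal text `&em;though` run into "prerequisites". Either use `&mdash;` followed by a space, or simply write `round a cluster. These are prerequisites, though some links to useful pages are`. Separately, the log message says the patch makes `hadoop.security.authentication` the indicator of whether security is enabled, but no hunk in this diff mentions that property; since this is the security document, a sentence stating that the setting decides secure versus insecure operation belongs here, or the log message should describe the documentation edits actually made.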
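Review bot: In the second hunk (@@ -72,20 +72,21 @@) the rewritten line `+* Multiple authorized users being granted rights to a Slider Cluster (YARN admins can always kill the Slider application instance.` still has no closing parenthesis; close it while the line is being touched. The non-requirement "More than one HBase cluster in the YARN cluster belonging to a single user" is deleted outright, while the rest of the hunk only generalises "HBase" to "the application"; unless multiple instances per user are now explicitly supported, keep the item and reword it to "More than one application instance in the YARN cluster belonging to a single user". The new assumption `+* All application instances run by a single user can share the same machine-specific` / `+kerberos identities.` is the most security-relevant line in the patch, because it means credentials exposed by one of a user's instances are valid for all of that user's instances; a sentence saying so would help readers, and "kerberos" should be capitalised to match "Kerberos" two lines above. The preceding added line `+* These credentials can outlive the duration of the application instances` lacks its terminating period, and the unchanged context line "the of the worker nodes" has a doubled "the" that could be fixed in the same pass.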
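Review bot: In the third hunk (@@ -172,7 +173,7 @@) renaming the heading from "Java Cryptography Exceptions" to "Important: Java Cryptography Package" changes the generated anchor, so any existing links to the old section break; if the rename is kept, "Important:" is better as the first sentence of the section than as part of the heading, and the heading should name what the section tells the reader to obtain and install (the policy files from Oracle or the JVM supplier, per the following hunk's context) rather than the vaguer "Package". The adjacent context line "When trying to talk to a secure, cluster you may see the message:" has a stray comma after "secure" that could be removed in the same edit.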
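Review bot: The last hunk (@@ -184,6 +185,8 @@) only inserts two blank lines before `## Useful Links`, which Markdown renders identically to the single blank line already there; either drop this whitespace-only hunk or add the content that was evidently intended to go there.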