[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization
[ https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandor Molnar updated AMBARI-22803: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Update Hadoop RPC Encryption Properties During Kerberization > > > Key: AMBARI-22803 > URL: https://issues.apache.org/jira/browse/AMBARI-22803 > Project: Ambari > Issue Type: Task > Components: ambari-server >Affects Versions: 2.7.0 >Reporter: Jonathan Hurley >Assignee: Sandor Molnar >Priority: Critical > Fix For: 2.7.0 > > Attachments: AMBARI-22803.patch > > > When *HDP 3.0.0* is installed, clients should have the ability to choose > encrypted communication over RPC when talking to core hadoop components. > Today, the properties that control this are: > - {{core-site.xml : hadoop.rpc.protection = authentication}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} > The new value of {{privacy}} enables clients to choose an encrypted means of > communication. By keeping {{authentication}} first, it will be taken as the > default mechanism so that wire encryption is not automatically enabled by > accident. > The following properties should be changed to add {{privacy}}: > - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} > The following are cases when this needs to be performed: > - During Kerberization, the above two properties should be automatically > reconfigured. > - During a stack upgrade to any version of *HDP 3.0.0* is covered by > AMBARI-22981 > Blueprint deployment is not a scenario being covered here. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization
[ https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandor Molnar updated AMBARI-22803: --- Status: Patch Available (was: In Progress) > Update Hadoop RPC Encryption Properties During Kerberization > > > Key: AMBARI-22803 > URL: https://issues.apache.org/jira/browse/AMBARI-22803 > Project: Ambari > Issue Type: Task > Components: ambari-server >Affects Versions: 2.7.0 >Reporter: Jonathan Hurley >Assignee: Sandor Molnar >Priority: Critical > Fix For: 2.7.0 > > Attachments: AMBARI-22803.patch > > > When *HDP 3.0.0* is installed, clients should have the ability to choose > encrypted communication over RPC when talking to core hadoop components. > Today, the properties that control this are: > - {{core-site.xml : hadoop.rpc.protection = authentication}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} > The new value of {{privacy}} enables clients to choose an encrypted means of > communication. By keeping {{authentication}} first, it will be taken as the > default mechanism so that wire encryption is not automatically enabled by > accident. > The following properties should be changed to add {{privacy}}: > - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} > The following are cases when this needs to be performed: > - During Kerberization, the above two properties should be automatically > reconfigured. > - During a stack upgrade to any version of *HDP 3.0.0* is covered by > AMBARI-22981 > Blueprint deployment is not a scenario being covered here. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization
[ https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandor Molnar updated AMBARI-22803: --- Description: When *HDP 3.0.0* is installed, clients should have the ability to choose encrypted communication over RPC when talking to core hadoop components. Today, the properties that control this are: - {{core-site.xml : hadoop.rpc.protection = authentication}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} The new value of {{privacy}} enables clients to choose an encrypted means of communication. By keeping {{authentication}} first, it will be taken as the default mechanism so that wire encryption is not automatically enabled by accident. The following properties should be changed to add {{privacy}}: - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} The following are cases when this needs to be performed: - During Kerberization, the above two properties should be automatically reconfigured. - During a stack upgrade to any version of *HDP 3.0.0* is covered by AMBARI-22981 Blueprint deployment is not a scenario being covered here. was: When *HDP 3.0.0* is installed, clients should have the ability to choose encrypted communication over RPC when talking to core hadoop components. Today, the properties that control this are: - {{core-site.xml : hadoop.rpc.protection = authentication}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} The new value of {{privacy}} enables clients to choose an encrypted means of communication. By keeping {{authentication}} first, it will be taken as the default mechanism so that wire encryption is not automatically enabled by accident. The following properties should be changed to add {{privacy}}: - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} The following are cases when this needs to be performed: - During Kerberization, the above two properties should be automatically reconfigured. - During a stack upgrade to any version of *HDP 3.0.0*, they should be automatically merged Blueprint deployment is not a scenario being covered here. > Update Hadoop RPC Encryption Properties During Kerberization > > > Key: AMBARI-22803 > URL: https://issues.apache.org/jira/browse/AMBARI-22803 > Project: Ambari > Issue Type: Task > Components: ambari-server >Affects Versions: 2.7.0 >Reporter: Jonathan Hurley >Assignee: Sandor Molnar >Priority: Critical > Fix For: 2.7.0 > > Attachments: AMBARI-22803.patch > > > When *HDP 3.0.0* is installed, clients should have the ability to choose > encrypted communication over RPC when talking to core hadoop components. > Today, the properties that control this are: > - {{core-site.xml : hadoop.rpc.protection = authentication}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} > The new value of {{privacy}} enables clients to choose an encrypted means of > communication. By keeping {{authentication}} first, it will be taken as the > default mechanism so that wire encryption is not automatically enabled by > accident. > The following properties should be changed to add {{privacy}}: > - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} > The following are cases when this needs to be performed: > - During Kerberization, the above two properties should be automatically > reconfigured. > - During a stack upgrade to any version of *HDP 3.0.0* is covered by > AMBARI-22981 > Blueprint deployment is not a scenario being covered here. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization
[ https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandor Molnar updated AMBARI-22803: --- Summary: Update Hadoop RPC Encryption Properties During Kerberization (was: Update Hadoop RPC Encryption Properties During Kerberization and Upgrade) > Update Hadoop RPC Encryption Properties During Kerberization > > > Key: AMBARI-22803 > URL: https://issues.apache.org/jira/browse/AMBARI-22803 > Project: Ambari > Issue Type: Task > Components: ambari-server >Affects Versions: 2.7.0 >Reporter: Jonathan Hurley >Assignee: Sandor Molnar >Priority: Critical > Fix For: 2.7.0 > > Attachments: AMBARI-22803.patch > > > When *HDP 3.0.0* is installed, clients should have the ability to choose > encrypted communication over RPC when talking to core hadoop components. > Today, the properties that control this are: > - {{core-site.xml : hadoop.rpc.protection = authentication}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} > The new value of {{privacy}} enables clients to choose an encrypted means of > communication. By keeping {{authentication}} first, it will be taken as the > default mechanism so that wire encryption is not automatically enabled by > accident. > The following properties should be changed to add {{privacy}}: > - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} > The following are cases when this needs to be performed: > - During Kerberization, the above two properties should be automatically > reconfigured. > - During a stack upgrade to any version of *HDP 3.0.0*, they should be > automatically merged > Blueprint deployment is not a scenario being covered here. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[ https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Levas updated AMBARI-22803: -- Description: When *HDP 3.0.0* is installed, clients should have the ability to choose encrypted communication over RPC when talking to core hadoop components. Today, the properties that control this are: - {{core-site.xml : hadoop.rpc.protection = authentication}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} The new value of {{privacy}} enables clients to choose an encrypted means of communication. By keeping {{authentication}} first, it will be taken as the default mechanism so that wire encryption is not automatically enabled by accident. The following properties should be changed to add {{privacy}}: - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} The following are cases when this needs to be performed: - During Kerberization, the above two properties should be automatically reconfigured. - During a stack upgrade to any version of *HDP 3.0.0*, they should be automatically merged Blueprint deployment is not a scenario being covered here. was: When *HDP 3.0.0* is installed, clients should have the ability to choose encrypted communication over RPC when talking to core hadoop components. Today, the properties that control this are: - {{core-site.xml : hadoop.rpc.protection = authentication}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} The new value of {{privacy}} enables clients to choose an encrypted means of communication. By keeping {{authentication}} first, it will be taken as the default mechanism so that wire encryption is not automatically enabled by accident. The following properties should be changed to add {{privacy}}: - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} The following are cases when this needs to be performed: - During Kerberization, the above two properties should be automatically reconfigured. - During a stack upgrade to any version of HDP 2.6, they should be automatically merged Blueprint deployment is not a scenario being covered here. > Update Hadoop RPC Encryption Properties During Kerberization and Upgrade > > > Key: AMBARI-22803 > URL: https://issues.apache.org/jira/browse/AMBARI-22803 > Project: Ambari > Issue Type: Task > Components: ambari-server >Affects Versions: 2.7.0 >Reporter: Jonathan Hurley >Assignee: Sandor Molnar >Priority: Critical > Fix For: 2.7.0 > > Attachments: AMBARI-22803.patch > > > When *HDP 3.0.0* is installed, clients should have the ability to choose > encrypted communication over RPC when talking to core hadoop components. > Today, the properties that control this are: > - {{core-site.xml : hadoop.rpc.protection = authentication}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} > The new value of {{privacy}} enables clients to choose an encrypted means of > communication. By keeping {{authentication}} first, it will be taken as the > default mechanism so that wire encryption is not automatically enabled by > accident. > The following properties should be changed to add {{privacy}}: > - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} > The following are cases when this needs to be performed: > - During Kerberization, the above two properties should be automatically > reconfigured. > - During a stack upgrade to any version of *HDP 3.0.0*, they should be > automatically merged > Blueprint deployment is not a scenario being covered here. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[ https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jonathan Hurley updated AMBARI-22803: - Attachment: AMBARI-22803.patch > Update Hadoop RPC Encryption Properties During Kerberization and Upgrade > > > Key: AMBARI-22803 > URL: https://issues.apache.org/jira/browse/AMBARI-22803 > Project: Ambari > Issue Type: Task > Components: ambari-server >Affects Versions: 2.7.0 >Reporter: Jonathan Hurley >Assignee: Sandor Molnar >Priority: Critical > Fix For: 2.7.0 > > Attachments: AMBARI-22803.patch > > > When *HDP 3.0.0* is installed, clients should have the ability to choose > encrypted communication over RPC when talking to core hadoop components. > Today, the properties that control this are: > - {{core-site.xml : hadoop.rpc.protection = authentication}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} > The new value of {{privacy}} enables clients to choose an encrypted means of > communication. By keeping {{authentication}} first, it will be taken as the > default mechanism so that wire encryption is not automatically enabled by > accident. > The following properties should be changed to add {{privacy}}: > - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} > The following are cases when this needs to be performed: > - During Kerberization, the above two properties should be automatically > reconfigured. > - During a stack upgrade to any version of HDP 2.6, they should be > automatically merged > Blueprint deployment is not a scenario being covered here. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[ https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Levas updated AMBARI-22803: -- Description: When *HDP 3.0.0* is installed, clients should have the ability to choose encrypted communication over RPC when talking to core hadoop components. Today, the properties that control this are: - {{core-site.xml : hadoop.rpc.protection = authentication}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} The new value of {{privacy}} enables clients to choose an encrypted means of communication. By keeping {{authentication}} first, it will be taken as the default mechanism so that wire encryption is not automatically enabled by accident. The following properties should be changed to add {{privacy}}: - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} The following are cases when this needs to be performed: - During Kerberization, the above two properties should be automatically reconfigured. - During a stack upgrade to any version of HDP 2.6, they should be automatically merged Blueprint deployment is not a scenario being covered here. was: Clients should have the ability to choose encrypted communication over RPC when talking to core hadoop components. Today, the properties that control this are: - {{core-site.xml : hadoop.rpc.protection = authentication}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} The new value of {{privacy}} enables clients to choose an encrypted means of communication. By keeping {{authentication}} first, it will be taken as the default mechanism so that wire encryption is not automatically enabled by accident. The following properties should be changed to add {{privacy}}: - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} The following are cases when this needs to be performed: - During Kerberization, the above two properties should be automatically reconfigured. - During a stack upgrade to any version of HDP 2.6, they should be automatically merged Blueprint deployment is not a scenario being covered here. > Update Hadoop RPC Encryption Properties During Kerberization and Upgrade > > > Key: AMBARI-22803 > URL: https://issues.apache.org/jira/browse/AMBARI-22803 > Project: Ambari > Issue Type: Task > Components: ambari-server >Affects Versions: 2.7.0 >Reporter: Jonathan Hurley >Assignee: Robert Levas >Priority: Critical > Fix For: 2.7.0 > > > When *HDP 3.0.0* is installed, clients should have the ability to choose > encrypted communication over RPC when talking to core hadoop components. > Today, the properties that control this are: > - {{core-site.xml : hadoop.rpc.protection = authentication}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} > The new value of {{privacy}} enables clients to choose an encrypted means of > communication. By keeping {{authentication}} first, it will be taken as the > default mechanism so that wire encryption is not automatically enabled by > accident. > The following properties should be changed to add {{privacy}}: > - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} > The following are cases when this needs to be performed: > - During Kerberization, the above two properties should be automatically > reconfigured. > - During a stack upgrade to any version of HDP 2.6, they should be > automatically merged > Blueprint deployment is not a scenario being covered here. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[ https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Levas updated AMBARI-22803: -- Affects Version/s: (was: 2.6.2) 2.7.0 Fix Version/s: (was: 2.6.2) 2.7.0 > Update Hadoop RPC Encryption Properties During Kerberization and Upgrade > > > Key: AMBARI-22803 > URL: https://issues.apache.org/jira/browse/AMBARI-22803 > Project: Ambari > Issue Type: Task > Components: ambari-server >Affects Versions: 2.7.0 >Reporter: Jonathan Hurley >Assignee: Robert Levas >Priority: Critical > Fix For: 2.7.0 > > > Clients should have the ability to choose encrypted communication over RPC > when talking to core hadoop components. Today, the properties that control > this are: > - {{core-site.xml : hadoop.rpc.protection = authentication}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} > The new value of {{privacy}} enables clients to choose an encrypted means of > communication. By keeping {{authentication}} first, it will be taken as the > default mechanism so that wire encryption is not automatically enabled by > accident. > The following properties should be changed to add {{privacy}}: > - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} > The following are cases when this needs to be performed: > - During Kerberization, the above two properties should be automatically > reconfigured. > - During a stack upgrade to any version of HDP 2.6, they should be > automatically merged > Blueprint deployment is not a scenario being covered here. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[ https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jonathan Hurley updated AMBARI-22803: - Affects Version/s: (was: 3.0.0) 2.6.2 > Update Hadoop RPC Encryption Properties During Kerberization and Upgrade > > > Key: AMBARI-22803 > URL: https://issues.apache.org/jira/browse/AMBARI-22803 > Project: Ambari > Issue Type: Task > Components: ambari-server >Affects Versions: 2.6.2 >Reporter: Jonathan Hurley >Assignee: Jonathan Hurley >Priority: Critical > Fix For: 2.6.2 > > > Clients should have the ability to choose encrypted communication over RPC > when talking to core hadoop components. Today, the properties that control > this are: > - {{core-site.xml : hadoop.rpc.protection = authentication}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} > The new value of {{privacy}} enables clients to choose an encrypted means of > communication. By keeping {{authentication}} first, it will be taken as the > default mechanism so that wire encryption is not automatically enabled by > accident. > The following properties should be changed to add {{privacy}}: > - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} > The following are cases when this needs to be performed: > - During Kerberization, the above two properties should be automatically > reconfigured. > - During a stack upgrade to any version of HDP 2.6, they should be > automatically merged > Blueprint deployment is not a scenario being covered here. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[ https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jonathan Hurley updated AMBARI-22803: - Fix Version/s: (was: 3.0.0) 2.6.2 > Update Hadoop RPC Encryption Properties During Kerberization and Upgrade > > > Key: AMBARI-22803 > URL: https://issues.apache.org/jira/browse/AMBARI-22803 > Project: Ambari > Issue Type: Task > Components: ambari-server >Affects Versions: 2.6.2 >Reporter: Jonathan Hurley >Assignee: Jonathan Hurley >Priority: Critical > Fix For: 2.6.2 > > > Clients should have the ability to choose encrypted communication over RPC > when talking to core hadoop components. Today, the properties that control > this are: > - {{core-site.xml : hadoop.rpc.protection = authentication}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}} > The new value of {{privacy}} enables clients to choose an encrypted means of > communication. By keeping {{authentication}} first, it will be taken as the > default mechanism so that wire encryption is not automatically enabled by > accident. > The following properties should be changed to add {{privacy}}: > - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}} > - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}} > The following are cases when this needs to be performed: > - During Kerberization, the above two properties should be automatically > reconfigured. > - During a stack upgrade to any version of HDP 2.6, they should be > automatically merged > Blueprint deployment is not a scenario being covered here. -- This message was sent by Atlassian JIRA (v7.6.3#76005)