[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization
[
https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar updated AMBARI-22803:
---
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Update Hadoop RPC Encryption Properties During Kerberization
>
>
> Key: AMBARI-22803
> URL: https://issues.apache.org/jira/browse/AMBARI-22803
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
>Affects Versions: 2.7.0
>Reporter: Jonathan Hurley
>Assignee: Sandor Molnar
>Priority: Critical
> Fix For: 2.7.0
>
> Attachments: AMBARI-22803.patch
>
>
> When *HDP 3.0.0* is installed, clients should have the ability to choose
> encrypted communication over RPC when talking to core hadoop components.
> Today, the properties that control this are:
> - {{core-site.xml : hadoop.rpc.protection = authentication}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
> The new value of {{privacy}} enables clients to choose an encrypted means of
> communication. By keeping {{authentication}} first, it will be taken as the
> default mechanism so that wire encryption is not automatically enabled by
> accident.
> The following properties should be changed to add {{privacy}}:
> - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
> The following are cases when this needs to be performed:
> - During Kerberization, the above two properties should be automatically
> reconfigured.
> - During a stack upgrade to any version of *HDP 3.0.0* is covered by
> AMBARI-22981
> Blueprint deployment is not a scenario being covered here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization
[
https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar updated AMBARI-22803:
---
Status: Patch Available (was: In Progress)
> Update Hadoop RPC Encryption Properties During Kerberization
>
>
> Key: AMBARI-22803
> URL: https://issues.apache.org/jira/browse/AMBARI-22803
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
>Affects Versions: 2.7.0
>Reporter: Jonathan Hurley
>Assignee: Sandor Molnar
>Priority: Critical
> Fix For: 2.7.0
>
> Attachments: AMBARI-22803.patch
>
>
> When *HDP 3.0.0* is installed, clients should have the ability to choose
> encrypted communication over RPC when talking to core hadoop components.
> Today, the properties that control this are:
> - {{core-site.xml : hadoop.rpc.protection = authentication}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
> The new value of {{privacy}} enables clients to choose an encrypted means of
> communication. By keeping {{authentication}} first, it will be taken as the
> default mechanism so that wire encryption is not automatically enabled by
> accident.
> The following properties should be changed to add {{privacy}}:
> - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
> The following are cases when this needs to be performed:
> - During Kerberization, the above two properties should be automatically
> reconfigured.
> - During a stack upgrade to any version of *HDP 3.0.0* is covered by
> AMBARI-22981
> Blueprint deployment is not a scenario being covered here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization
[
https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar updated AMBARI-22803:
---
Description:
When *HDP 3.0.0* is installed, clients should have the ability to choose
encrypted communication over RPC when talking to core hadoop components. Today,
the properties that control this are:
- {{core-site.xml : hadoop.rpc.protection = authentication}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
The new value of {{privacy}} enables clients to choose an encrypted means of
communication. By keeping {{authentication}} first, it will be taken as the
default mechanism so that wire encryption is not automatically enabled by
accident.
The following properties should be changed to add {{privacy}}:
- {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
The following are cases when this needs to be performed:
- During Kerberization, the above two properties should be automatically
reconfigured.
- During a stack upgrade to any version of *HDP 3.0.0* is covered by
AMBARI-22981
Blueprint deployment is not a scenario being covered here.
was:
When *HDP 3.0.0* is installed, clients should have the ability to choose
encrypted communication over RPC when talking to core hadoop components. Today,
the properties that control this are:
- {{core-site.xml : hadoop.rpc.protection = authentication}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
The new value of {{privacy}} enables clients to choose an encrypted means of
communication. By keeping {{authentication}} first, it will be taken as the
default mechanism so that wire encryption is not automatically enabled by
accident.
The following properties should be changed to add {{privacy}}:
- {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
The following are cases when this needs to be performed:
- During Kerberization, the above two properties should be automatically
reconfigured.
- During a stack upgrade to any version of *HDP 3.0.0*, they should be
automatically merged
Blueprint deployment is not a scenario being covered here.
> Update Hadoop RPC Encryption Properties During Kerberization
>
>
> Key: AMBARI-22803
> URL: https://issues.apache.org/jira/browse/AMBARI-22803
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
>Affects Versions: 2.7.0
>Reporter: Jonathan Hurley
>Assignee: Sandor Molnar
>Priority: Critical
> Fix For: 2.7.0
>
> Attachments: AMBARI-22803.patch
>
>
> When *HDP 3.0.0* is installed, clients should have the ability to choose
> encrypted communication over RPC when talking to core hadoop components.
> Today, the properties that control this are:
> - {{core-site.xml : hadoop.rpc.protection = authentication}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
> The new value of {{privacy}} enables clients to choose an encrypted means of
> communication. By keeping {{authentication}} first, it will be taken as the
> default mechanism so that wire encryption is not automatically enabled by
> accident.
> The following properties should be changed to add {{privacy}}:
> - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
> The following are cases when this needs to be performed:
> - During Kerberization, the above two properties should be automatically
> reconfigured.
> - During a stack upgrade to any version of *HDP 3.0.0* is covered by
> AMBARI-22981
> Blueprint deployment is not a scenario being covered here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization
[
https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar updated AMBARI-22803:
---
Summary: Update Hadoop RPC Encryption Properties During Kerberization
(was: Update Hadoop RPC Encryption Properties During Kerberization and Upgrade)
> Update Hadoop RPC Encryption Properties During Kerberization
>
>
> Key: AMBARI-22803
> URL: https://issues.apache.org/jira/browse/AMBARI-22803
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
>Affects Versions: 2.7.0
>Reporter: Jonathan Hurley
>Assignee: Sandor Molnar
>Priority: Critical
> Fix For: 2.7.0
>
> Attachments: AMBARI-22803.patch
>
>
> When *HDP 3.0.0* is installed, clients should have the ability to choose
> encrypted communication over RPC when talking to core hadoop components.
> Today, the properties that control this are:
> - {{core-site.xml : hadoop.rpc.protection = authentication}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
> The new value of {{privacy}} enables clients to choose an encrypted means of
> communication. By keeping {{authentication}} first, it will be taken as the
> default mechanism so that wire encryption is not automatically enabled by
> accident.
> The following properties should be changed to add {{privacy}}:
> - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
> The following are cases when this needs to be performed:
> - During Kerberization, the above two properties should be automatically
> reconfigured.
> - During a stack upgrade to any version of *HDP 3.0.0*, they should be
> automatically merged
> Blueprint deployment is not a scenario being covered here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[
https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robert Levas updated AMBARI-22803:
--
Description:
When *HDP 3.0.0* is installed, clients should have the ability to choose
encrypted communication over RPC when talking to core hadoop components. Today,
the properties that control this are:
- {{core-site.xml : hadoop.rpc.protection = authentication}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
The new value of {{privacy}} enables clients to choose an encrypted means of
communication. By keeping {{authentication}} first, it will be taken as the
default mechanism so that wire encryption is not automatically enabled by
accident.
The following properties should be changed to add {{privacy}}:
- {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
The following are cases when this needs to be performed:
- During Kerberization, the above two properties should be automatically
reconfigured.
- During a stack upgrade to any version of *HDP 3.0.0*, they should be
automatically merged
Blueprint deployment is not a scenario being covered here.
was:
When *HDP 3.0.0* is installed, clients should have the ability to choose
encrypted communication over RPC when talking to core hadoop components. Today,
the properties that control this are:
- {{core-site.xml : hadoop.rpc.protection = authentication}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
The new value of {{privacy}} enables clients to choose an encrypted means of
communication. By keeping {{authentication}} first, it will be taken as the
default mechanism so that wire encryption is not automatically enabled by
accident.
The following properties should be changed to add {{privacy}}:
- {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
The following are cases when this needs to be performed:
- During Kerberization, the above two properties should be automatically
reconfigured.
- During a stack upgrade to any version of HDP 2.6, they should be
automatically merged
Blueprint deployment is not a scenario being covered here.
> Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
>
>
> Key: AMBARI-22803
> URL: https://issues.apache.org/jira/browse/AMBARI-22803
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
>Affects Versions: 2.7.0
>Reporter: Jonathan Hurley
>Assignee: Sandor Molnar
>Priority: Critical
> Fix For: 2.7.0
>
> Attachments: AMBARI-22803.patch
>
>
> When *HDP 3.0.0* is installed, clients should have the ability to choose
> encrypted communication over RPC when talking to core hadoop components.
> Today, the properties that control this are:
> - {{core-site.xml : hadoop.rpc.protection = authentication}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
> The new value of {{privacy}} enables clients to choose an encrypted means of
> communication. By keeping {{authentication}} first, it will be taken as the
> default mechanism so that wire encryption is not automatically enabled by
> accident.
> The following properties should be changed to add {{privacy}}:
> - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
> The following are cases when this needs to be performed:
> - During Kerberization, the above two properties should be automatically
> reconfigured.
> - During a stack upgrade to any version of *HDP 3.0.0*, they should be
> automatically merged
> Blueprint deployment is not a scenario being covered here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[
https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jonathan Hurley updated AMBARI-22803:
-
Attachment: AMBARI-22803.patch
> Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
>
>
> Key: AMBARI-22803
> URL: https://issues.apache.org/jira/browse/AMBARI-22803
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
>Affects Versions: 2.7.0
>Reporter: Jonathan Hurley
>Assignee: Sandor Molnar
>Priority: Critical
> Fix For: 2.7.0
>
> Attachments: AMBARI-22803.patch
>
>
> When *HDP 3.0.0* is installed, clients should have the ability to choose
> encrypted communication over RPC when talking to core hadoop components.
> Today, the properties that control this are:
> - {{core-site.xml : hadoop.rpc.protection = authentication}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
> The new value of {{privacy}} enables clients to choose an encrypted means of
> communication. By keeping {{authentication}} first, it will be taken as the
> default mechanism so that wire encryption is not automatically enabled by
> accident.
> The following properties should be changed to add {{privacy}}:
> - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
> The following are cases when this needs to be performed:
> - During Kerberization, the above two properties should be automatically
> reconfigured.
> - During a stack upgrade to any version of HDP 2.6, they should be
> automatically merged
> Blueprint deployment is not a scenario being covered here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[
https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robert Levas updated AMBARI-22803:
--
Description:
When *HDP 3.0.0* is installed, clients should have the ability to choose
encrypted communication over RPC when talking to core hadoop components. Today,
the properties that control this are:
- {{core-site.xml : hadoop.rpc.protection = authentication}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
The new value of {{privacy}} enables clients to choose an encrypted means of
communication. By keeping {{authentication}} first, it will be taken as the
default mechanism so that wire encryption is not automatically enabled by
accident.
The following properties should be changed to add {{privacy}}:
- {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
The following are cases when this needs to be performed:
- During Kerberization, the above two properties should be automatically
reconfigured.
- During a stack upgrade to any version of HDP 2.6, they should be
automatically merged
Blueprint deployment is not a scenario being covered here.
was:
Clients should have the ability to choose encrypted communication over RPC when
talking to core hadoop components. Today, the properties that control this are:
- {{core-site.xml : hadoop.rpc.protection = authentication}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
The new value of {{privacy}} enables clients to choose an encrypted means of
communication. By keeping {{authentication}} first, it will be taken as the
default mechanism so that wire encryption is not automatically enabled by
accident.
The following properties should be changed to add {{privacy}}:
- {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
- {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
The following are cases when this needs to be performed:
- During Kerberization, the above two properties should be automatically
reconfigured.
- During a stack upgrade to any version of HDP 2.6, they should be
automatically merged
Blueprint deployment is not a scenario being covered here.
> Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
>
>
> Key: AMBARI-22803
> URL: https://issues.apache.org/jira/browse/AMBARI-22803
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
>Affects Versions: 2.7.0
>Reporter: Jonathan Hurley
>Assignee: Robert Levas
>Priority: Critical
> Fix For: 2.7.0
>
>
> When *HDP 3.0.0* is installed, clients should have the ability to choose
> encrypted communication over RPC when talking to core hadoop components.
> Today, the properties that control this are:
> - {{core-site.xml : hadoop.rpc.protection = authentication}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
> The new value of {{privacy}} enables clients to choose an encrypted means of
> communication. By keeping {{authentication}} first, it will be taken as the
> default mechanism so that wire encryption is not automatically enabled by
> accident.
> The following properties should be changed to add {{privacy}}:
> - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
> The following are cases when this needs to be performed:
> - During Kerberization, the above two properties should be automatically
> reconfigured.
> - During a stack upgrade to any version of HDP 2.6, they should be
> automatically merged
> Blueprint deployment is not a scenario being covered here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[
https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robert Levas updated AMBARI-22803:
--
Affects Version/s: (was: 2.6.2)
2.7.0
Fix Version/s: (was: 2.6.2)
2.7.0
> Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
>
>
> Key: AMBARI-22803
> URL: https://issues.apache.org/jira/browse/AMBARI-22803
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
>Affects Versions: 2.7.0
>Reporter: Jonathan Hurley
>Assignee: Robert Levas
>Priority: Critical
> Fix For: 2.7.0
>
>
> Clients should have the ability to choose encrypted communication over RPC
> when talking to core hadoop components. Today, the properties that control
> this are:
> - {{core-site.xml : hadoop.rpc.protection = authentication}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
> The new value of {{privacy}} enables clients to choose an encrypted means of
> communication. By keeping {{authentication}} first, it will be taken as the
> default mechanism so that wire encryption is not automatically enabled by
> accident.
> The following properties should be changed to add {{privacy}}:
> - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
> The following are cases when this needs to be performed:
> - During Kerberization, the above two properties should be automatically
> reconfigured.
> - During a stack upgrade to any version of HDP 2.6, they should be
> automatically merged
> Blueprint deployment is not a scenario being covered here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[
https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jonathan Hurley updated AMBARI-22803:
-
Affects Version/s: (was: 3.0.0)
2.6.2
> Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
>
>
> Key: AMBARI-22803
> URL: https://issues.apache.org/jira/browse/AMBARI-22803
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
>Affects Versions: 2.6.2
>Reporter: Jonathan Hurley
>Assignee: Jonathan Hurley
>Priority: Critical
> Fix For: 2.6.2
>
>
> Clients should have the ability to choose encrypted communication over RPC
> when talking to core hadoop components. Today, the properties that control
> this are:
> - {{core-site.xml : hadoop.rpc.protection = authentication}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
> The new value of {{privacy}} enables clients to choose an encrypted means of
> communication. By keeping {{authentication}} first, it will be taken as the
> default mechanism so that wire encryption is not automatically enabled by
> accident.
> The following properties should be changed to add {{privacy}}:
> - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
> The following are cases when this needs to be performed:
> - During Kerberization, the above two properties should be automatically
> reconfigured.
> - During a stack upgrade to any version of HDP 2.6, they should be
> automatically merged
> Blueprint deployment is not a scenario being covered here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (AMBARI-22803) Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
[
https://issues.apache.org/jira/browse/AMBARI-22803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jonathan Hurley updated AMBARI-22803:
-
Fix Version/s: (was: 3.0.0)
2.6.2
> Update Hadoop RPC Encryption Properties During Kerberization and Upgrade
>
>
> Key: AMBARI-22803
> URL: https://issues.apache.org/jira/browse/AMBARI-22803
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
>Affects Versions: 2.6.2
>Reporter: Jonathan Hurley
>Assignee: Jonathan Hurley
>Priority: Critical
> Fix For: 2.6.2
>
>
> Clients should have the ability to choose encrypted communication over RPC
> when talking to core hadoop components. Today, the properties that control
> this are:
> - {{core-site.xml : hadoop.rpc.protection = authentication}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication}}
> The new value of {{privacy}} enables clients to choose an encrypted means of
> communication. By keeping {{authentication}} first, it will be taken as the
> default mechanism so that wire encryption is not automatically enabled by
> accident.
> The following properties should be changed to add {{privacy}}:
> - {{core-site.xml : hadoop.rpc.protection = authentication,privacy}}
> - {{hdfs-site.xml : dfs.data.transfer.protection = authentication,privacy}}
> The following are cases when this needs to be performed:
> - During Kerberization, the above two properties should be automatically
> reconfigured.
> - During a stack upgrade to any version of HDP 2.6, they should be
> automatically merged
> Blueprint deployment is not a scenario being covered here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
