Thank you for the detailed answer. Regarding my 1st question - RPC for replication between master and slave region servers is secured the same as RPC between region servers in the same clusters? Is there a mechanism for exchanging keys between the master and slave clusters?
On Thursday, May 9, 2013, Andrew Purtell wrote: > There is no separate branch for security features, they are integrated in > 0.92 and 0.94. We did partition the security sources into a separate Maven > module for 0.92 and 0.94, out of an abundance of caution during development > of security features. (Some versions of Hadoop, e.g. 0.20, don't have the > necessary APIs, so compiling HBase against such old versions will fail if > security sources are included in the build.) That forces the production of > those -security artifacts because of Maven being Maven. A -security > artifact contains all of 0.94 plus: > - A secure RPC engine, for integrating with Hadoop security / Kerberos > - The AccessController coprocessor > - The TokenProvider coprocessor > > From 0.95 and forward there won't be separate security artifacts. > > > On Thu, May 9, 2013 at 5:36 PM, Asaf Mesika > <[email protected]<javascript:;>> > wrote: > > > On Thu, May 9, 2013 at 11:43 AM, ramkrishna vasudevan < > > [email protected] <javascript:;>> wrote: > > > > > >>Does enabling security in HBase entails using the latest hbase > security > > > >>branch? > > > Which branch are you using? Once you enable security the security > > feature > > > on that branch starts working. > > > > > If security is a feature, why HBase are releasing two version each time. > > For instance 0.94.7 and 0.94.7-security? > > > > > > > >>3. Suppose the only requirement I have is securing the RPC in between > > > >>Master and Slave sites, do I must have Secure HDFS and secure > > ZooKeeper? > > > Security if enabled will apply to HDFS and Zookeeper also. I don't > think > > > you can only enable for HBase alone. > > > > > Thus I need to have special versions of HDFS and ZooKeeper as well, or > > security is already baked in as a feature in Hadoop 1.0.4 (for example) ? > > > > > > > > >>1. Does HBase supports secure RPC between Master and Slave > > replications? > > > Sorry am not sure on this. > > > > > > Regards > > > Ram > > > > > > > > > On Thu, May 9, 2013 at 2:04 PM, Asaf Mesika > > > <[email protected]<javascript:;> > > > > wrote: > > > > > > > Hi, > > > > > > > > I know that HBase supports secure RPC between its nodes (Master, > Region > > > > Server). I have couple of questions about it: > > > > > > > > 1. Does HBase supports secure RPC between Master and Slave > > replications? > > > > 2. Does enabling security in HBase entails using the latest hbase > > > security > > > > branch? > > > > 3. Suppose the only requirement I have is securing the RPC in between > > > > Master and Slave sites, do I must have Secure HDFS and secure > > ZooKeeper? > > > > > > > > Thank you, > > > > > > > > Asaf > > > > > > > > > > > > > -- > Best regards, > > - Andy > > Problems worthy of attack prove their worth by hitting back. - Piet Hein > (via Tom White) >
