Home | About | Sematext search-lucene.com search-hadoop.com
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB
 Search Hadoop and all its subprojects:

Switch to Plain View
MapReduce >> mail # user >> Using certificates to secure Hadoop


Copy link to this message
-
Using certificates to secure Hadoop
Hi all,

I've been asked to check whether is possible to use certificates to secure
the connection between Hadoop and Oozie and the "external world" or not.

Case is this:

We have to develop a webservice to run Oozie workflows and access HDFS, so
that there will be just one "interface" between the cluster and a user web
application.

Current security scenario does not allow to use Kerberos to authenticate the
users, so we were thinking about using certificates, distributed through the
Tomcat stack (as show on the following diagram).

The idea is that only a client (in this case the client would be the Java
WebService - the blue box) with the right certificate could "talk" to the
Hadoop / Oozie machines.

 

 

Is it possible to achieve this scenario?

If so, is there a whitepaper on the Internet that shows how to do this?

If not possible, what do you think would be the best security solution not
using Kerberos (example, firewall sec., IP security, .)?

 

Thank you very much, have a nice day!

 

Fabio Pitzolu

 

+
Nitin Pawar 2013-01-22, 16:56
+
Fabio Pitzolu 2013-01-22, 17:37
+
Nitin Pawar 2013-01-22, 17:49
+
Fabio Pitzolu 2013-01-22, 17:53
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB