That is a very appropriate setup. As long as those assumptions remain valid, of course. This was the only way how early hadoop clusters were secured - by restricting access to the cluster using firewall and gateways.
On Jan 21, 2014, at 4:45 PM, Koert Kuipers <[EMAIL PROTECTED]> wrote:
> but for a hadoop cluster that sits "behind" a bunch of web servers to do say log analysis, and that already is protected by standard measures (no route to cluster from outside, so a web server would have to get compromised to gain access), is there any value in securing it with kerberos? does anyone do that?
NOTICE: This message is intended for the use of the individual or entity to
which it is addressed and may contain information that is confidential,
privileged and exempt from disclosure under applicable law. If the reader
of this message is not the intended recipient, you are hereby notified that
any printing, copying, dissemination, distribution, disclosure or
forwarding of this communication is strictly prohibited. If you have
received this communication in error, please contact the sender immediately
and delete it from your system. Thank You.