Home | About | Sematext search-lucene.com search-hadoop.com
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB
 Search Hadoop and all its subprojects:

Switch to Plain View
HBase >> mail # user >> Secure HBase upon Replication


+
Asaf Mesika 2013-05-09, 08:34
+
ramkrishna vasudevan 2013-05-09, 08:43
+
Asaf Mesika 2013-05-09, 09:36
+
Andrew Purtell 2013-05-09, 10:07
+
Asaf Mesika 2013-05-09, 21:50
Copy link to this message
-
Re: Secure HBase upon Replication
Just pinging the question, in case anyone missed it...
(No answers were found in the resources I've searched for, so before diving
into the code...)

Thanks!
On Fri, May 10, 2013 at 12:50 AM, Asaf Mesika <[EMAIL PROTECTED]> wrote:

> Thank you for the detailed answer.
> Regarding my 1st question - RPC for replication between master and slave
> region servers is secured the same as RPC between region servers in the
> same clusters? Is there a mechanism for exchanging keys between the master
> and slave clusters?
>
>
> On Thursday, May 9, 2013, Andrew Purtell wrote:
>
>> There is no separate branch for security features, they are integrated in
>> 0.92 and 0.94. We did partition the security sources into a separate Maven
>> module for 0.92 and 0.94, out of an abundance of caution during
>> development
>> of security features. (Some versions of Hadoop, e.g. 0.20, don't have the
>> necessary APIs, so compiling HBase against such old versions will fail if
>> security sources are included in the build.) That forces the production of
>> those -security artifacts because of Maven being Maven. A -security
>> artifact contains all of 0.94 plus:
>>     - A secure RPC engine, for integrating with Hadoop security / Kerberos
>>     - The AccessController coprocessor
>>     - The TokenProvider coprocessor
>>
>> From 0.95 and forward there won't be separate security artifacts.
>>
>>
>> On Thu, May 9, 2013 at 5:36 PM, Asaf Mesika <[EMAIL PROTECTED]>
>> wrote:
>>
>> > On Thu, May 9, 2013 at 11:43 AM, ramkrishna vasudevan <
>> > [EMAIL PROTECTED]> wrote:
>> >
>> > > >>Does enabling security in HBase entails using the latest hbase
>> security
>> > > >>branch?
>> > > Which branch are you using?  Once you enable security the security
>> > feature
>> > > on that branch starts working.
>> > >
>> > If security is a feature, why HBase are releasing two version each time.
>> > For instance 0.94.7 and 0.94.7-security?
>> >
>> >
>> > > >>3. Suppose the only requirement I have is securing the RPC in
>> between
>> > > >>Master and Slave sites, do I must have Secure HDFS and secure
>> > ZooKeeper?
>> > > Security if enabled will apply to HDFS and Zookeeper also.  I don't
>> think
>> > > you can only enable for HBase alone.
>> > >
>> > Thus I need to have special versions of HDFS and ZooKeeper as well, or
>> > security is already baked in as a feature in Hadoop 1.0.4 (for example)
>> ?
>> >
>> > >
>> > > >>1. Does HBase supports secure RPC between Master and Slave
>> > replications?
>> > > Sorry am not sure on this.
>> > >
>> > > Regards
>> > > Ram
>> > >
>> > >
>> > > On Thu, May 9, 2013 at 2:04 PM, Asaf Mesika <[EMAIL PROTECTED]>
>> > wrote:
>> > >
>> > > > Hi,
>> > > >
>> > > > I know that HBase supports secure RPC between its nodes (Master,
>> Region
>> > > > Server). I have couple of questions about it:
>> > > >
>> > > > 1. Does HBase supports secure RPC between Master and Slave
>> > replications?
>> > > > 2. Does enabling security in HBase entails using the latest hbase
>> > > security
>> > > > branch?
>> > > > 3. Suppose the only requirement I have is securing the RPC in
>> between
>> > > > Master and Slave sites, do I must have Secure HDFS and secure
>> > ZooKeeper?
>> > > >
>> > > > Thank you,
>> > > >
>> > > > Asaf
>> > > >
>> > >
>> >
>>
>>
>>
>> --
>> Best regards,
>>
>>    - Andy
>>
>> Problems worthy of attack prove their worth by hitting back. - Piet Hein
>> (via Tom White)
>>
>
+
ramkrishna vasudevan 2013-05-09, 10:10
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB