hbase-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Todd Lipcon <t...@cloudera.com>
Subject Re: Secure Hadoop and non-secure HBase
Date Sun, 11 Sep 2011 22:13:26 GMT
Hi Eric,

Could you please explain more fully what you mean by this? The daemons
generally run using keytabs, not user credentials, and thus shouldn't
need the explicit TGT Renewer, right?

-Todd

On Sun, Sep 11, 2011 at 11:04 AM, Eric Yang <eric818@gmail.com> wrote:
> Hi all,
>
> Hortonworks has a patch for secure append for Apache Hadoop 0.20.205 to work with HBase
0.90.x.  However, secure Hadoop and HBase would work until kerberos token expires.  There
is currently no code that renews kerberos token in HBase.  Hence, it is possible to add a
cron job to periodically renew the HBase user token to keep the system running.  What does
the community think about having a setup script for cron job as part of HBase upcoming minor
release, and fix the token renewal in HBase code for the next major version.  On the other
hand, would the community accept the token renewal code in HBase as part of the upcoming 0.90.5
release?  If yes, what is the time line for 0.90.5?
>
> regards,
> Eric



-- 
Todd Lipcon
Software Engineer, Cloudera

Mime
View raw message