hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ted Yu (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HBASE-17860) Implement secure native client connection
Date Fri, 31 Mar 2017 21:30:41 GMT

    [ https://issues.apache.org/jira/browse/HBASE-17860?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15951593#comment-15951593
] 

Ted Yu edited comment on HBASE-17860 at 3/31/17 9:30 PM:
---------------------------------------------------------

Here is brief procedure for testing:

* install cyrus-sasl-2.1.26 on docker vm

* follow this link to install kerberos packages: https://help.ubuntu.com/lts/serverguide/kerberos.html

* follow this link to configure KDC: https://www.rootusers.com/how-to-configure-linux-to-authenticate-using-kerberos/

* generate hbase-host.keytab for server (and optionally hbase.keytab for user)

* run kinit with the keytab

* apply the patch which sets necessary config in conf/hbase-site.xml

* run bin/start-hbase.sh to start hbase server

* use hbase shell to create table (test would populate the table with:)
{code}
 test1                                      column=d:1, timestamp=1490984371943, value=value1
 test1                                      column=d:extra, timestamp=1490984371949, value=value
for extra
 test2                                      column=d:2, timestamp=1490831145321, value=value2
 test2                                      column=d:extra, timestamp=1490831219721, value=value
for extra
{code}
* run the following command and verify that ClientTest.PutGet passes:

buck test //core:client-test --no-results-cache


was (Author: yuzhihong@gmail.com):
Here is brief procedure for testing:

* install cyrus-sasl-2.1.26 on docker vm

* follow this link to install kerberos packages: https://help.ubuntu.com/lts/serverguide/kerberos.html

* follow this link to configure KDC: https://www.rootusers.com/how-to-configure-linux-to-authenticate-using-kerberos/

* generate hbase-host.keytab for server (and optionally hbase.keytab for user)

* run kinit with the keytab

* apply the patch which sets necessary config in conf/hbase-site.xml

* run bin/start-hbase.sh to start hbase server

* use hbase shell to create table and populate with:
{code}
 test1                                      column=d:1, timestamp=1490984371943, value=value1
 test1                                      column=d:extra, timestamp=1490984371949, value=value
for extra
 test2                                      column=d:2, timestamp=1490831145321, value=value2
 test2                                      column=d:extra, timestamp=1490831219721, value=value
for extra
{code}
* run the following command and verify that ClientTest.PutGet passes:

buck test //core:client-test --no-results-cache

> Implement secure native client connection
> -----------------------------------------
>
>                 Key: HBASE-17860
>                 URL: https://issues.apache.org/jira/browse/HBASE-17860
>             Project: HBase
>          Issue Type: Sub-task
>            Reporter: Ted Yu
>            Assignee: Ted Yu
>            Priority: Critical
>
> So far, the native client communicates with insecure cluster.
> This JIRA is to add secure connection support for native client using Cyrus library.
> The work is based on earlier implementation and is redone via wangle and folly frameworks.
> Thanks to [~devaraj] who started the initiative.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message