You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Dmitry Lysnichenko (JIRA)" <ji...@apache.org> on 2014/10/02 21:56:33 UTC
[jira] [Resolved] (AMBARI-7615) Ambari support for DataNode no
longer running as root.
[ https://issues.apache.org/jira/browse/AMBARI-7615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dmitry Lysnichenko resolved AMBARI-7615.
----------------------------------------
Resolution: Fixed
committed to trunk
> Ambari support for DataNode no longer running as root.
> ------------------------------------------------------
>
> Key: AMBARI-7615
> URL: https://issues.apache.org/jira/browse/AMBARI-7615
> Project: Ambari
> Issue Type: Improvement
> Components: ambari-server
> Affects Versions: 1.7.0
> Reporter: Dmitry Lysnichenko
> Assignee: Dmitry Lysnichenko
> Fix For: 1.7.0
>
>
> This feature is new in Champlain.
> This feature is intended for use in secure (Kerberized) clusters. The full steps for configuration are:
> # Configure in hdfs-site.xml:
> ## Set {{dfs.data.transfer.protection}} to {{authentication}}, {{integrity}}, or {{privacy}}. I think {{authentication}} makes sense as the default on new installs.
> ## Set {{dfs.datanode.address}} to use a non-privileged port, i.e. {{0.0.0.0:50010}}.
> ## Set {{dfs.datanode.https.address}} to use a non-privileged port, i.e. {{0.0.0.0:50475}}.
> ## Set {{dfs.http.policy}} to {{HTTPS_ONLY}}.
> # Start DataNode as hdfs.
> BTW, running as root using privileged ports is still a fully supported configuration. This should continue to be the default mode. Running as non-root is opt-in only, so all of the above should be optional.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)