You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ambari.apache.org by "Dmitry Lysnichenko (JIRA)" <ji...@apache.org> on 2014/10/02 21:56:33 UTC

[jira] [Resolved] (AMBARI-7615) Ambari support for DataNode no longer running as root.

     [ https://issues.apache.org/jira/browse/AMBARI-7615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dmitry Lysnichenko resolved AMBARI-7615.
----------------------------------------
    Resolution: Fixed

committed to trunk

> Ambari support for DataNode no longer running as root.
> ------------------------------------------------------
>
>                 Key: AMBARI-7615
>                 URL: https://issues.apache.org/jira/browse/AMBARI-7615
>             Project: Ambari
>          Issue Type: Improvement
>          Components: ambari-server
>    Affects Versions: 1.7.0
>            Reporter: Dmitry Lysnichenko
>            Assignee: Dmitry Lysnichenko
>             Fix For: 1.7.0
>
>
> This feature is new in Champlain.  
> This feature is intended for use in secure (Kerberized) clusters.  The full steps for configuration are:
> # Configure in hdfs-site.xml:
> ## Set {{dfs.data.transfer.protection}} to {{authentication}}, {{integrity}}, or {{privacy}}.  I think {{authentication}} makes sense as the default on new installs.
> ## Set {{dfs.datanode.address}} to use a non-privileged port, i.e. {{0.0.0.0:50010}}.
> ## Set {{dfs.datanode.https.address}} to use a non-privileged port, i.e. {{0.0.0.0:50475}}.
> ## Set {{dfs.http.policy}} to {{HTTPS_ONLY}}.
> # Start DataNode as hdfs.
> BTW, running as root using privileged ports is still a fully supported configuration.  This should continue to be the default mode.  Running as non-root is opt-in only, so all of the above should be optional.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)