堆栈内存溢出
  简体   繁体   English

如何在Hadoop和Hbase的Cloudera发行版中启用安全性?

[英]How to enable security in Cloudera distribution of Hadoop and Hbase?

 原文  2012-11-29 10:39:34       .htaccess/ security/ hadoop/ cloudera

问题描述

I have installed CDH (Cloudera) Hadoop cluster, and have web admin panels on ports 50070, 50060, 50030, 50075, etc. 我已经安装了CDH(Cloudera)Hadoop集群,并在端口50070、50060、50030、50075等上安装了Web管理面板。

How I can enable something like .htaccess file to enable any simple security to access? 如何启用类似.htaccess的文件来启用任何简单的安全性访问?

2 个解决方案

解决方案1
 1  2012-11-29 11:28:23

I can't comment to newer versions of Hadoop, but 0.x and 1.x releases use Jetty to serve up the web resources. 我无法评论较新版本的Hadoop,但0.x和1.x版本使用Jetty来提供Web资源。 I don't think they have the ability to implement the sort of security you are looking for out of the box. 我认为他们没有能力立即实现您正在寻找的那种安全性。

Typically protecting access to resources like this (and the cluster in general) is achieved by putting all the nodes on an isolated network, with an edge node that people ssh to. 通常,通过将所有节点放置在隔离的网络上,并通过人们ssh的边缘节点来保护对此类资源(通常是集群)的访问。 From this point you can manage login to this edge node to prevent unauthorised access, and your users can tunnel connections through to the various web resources. 从这一点上,您可以管理登录到此边缘节点以防止未经授权的访问,并且您的用户可以通过隧道将连接建立到各种Web资源。

It's one way, there are probably others. 这是一种方法,可能还有其他方法。

解决方案2
 0  2012-12-02 13:21:52

Thank's Chris, I got Idea. 谢谢克里斯,我知道了。

The easy way to protect hadoop&hbase lan resources - I mean web admin, browse filesystem, hbase health, etc is to use SSH Tunnel, 保护hadoop&hbase lan资源的简单方法-我的意思是Web管理员,浏览文件系统,hbase运行状况等是使用SSH隧道,

First you need: 首先,您需要:

  • remote ssh access to one your lan machine - for example: master has an ip - 192.168.10.5 远程ssh访问您的lan机器-例如:master有一个ip- 192.168.10.5

  • on your local achine you make ssh -D localhost:12345 user@lan_machine 在本地机器上,使ssh -D localhost:12345 user@lan_machine

  • in firefox your setup socks proxy - localhost:12345 (is better to use foxy proxy plugin) 在firefox中,您的安装程序会代理袜子- localhost:12345 (最好使用狡猾的代理插件)

after, you may access to your lan resources like your in this lan. 之后,您可以像在此局域网中一样访问您的局域网资源。 For example tasktracker: http://192.168.10.5:50060/tasktracker.jsp 例如tasktracker: http://192.168.10.5:50060/tasktracker.jsp : http://192.168.10.5:50060/tasktracker.jsp :50060/ http://192.168.10.5:50060/tasktracker.jsp

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何启用gzip压缩 - How to enable gzip compression 如何启用 gzip? - How to enable gzip? 如何在本地主机上启用htaccess - How to enable htaccess on localhost 如何在 Apache 中启用多视图 - How to enable MultiViews in Apache 如何启用laravel 4 gzip? - how to enable laravel 4 gzip? 如何启用ErrorDocument 400错误? - How to enable ErrorDocument for 400 error? 如何为yii2启用gzip? - How to enable gzip for yii2? 如何在服务器中启用.zip扩展名 - how to enable .zip extension in server 如何在 nginx 上启用浏览器缓存? - How to enable browser cache on nginx? 如何在 htaccess 中启用 MySQLi 扩展 - How to enable MySQLi extension in htaccess
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM