Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-10037

Support creation of a secure cluster (w/ blueprints)

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • ambari-server

    Description

      While it is possible to enable Kerberos on an existing cluster, it should be possible to create a new cluster with Kerberos enabled in a single step. Ideally the blueprint API could be used in that case.

      Note that any service added to an already-secured cluster is immediately secured. Therefore, a possible workaround is to create a cluster with no services, secure it, then add services. But this workaround is incompatible with blueprints.

      Among the benefits:

      1. reduced time spent in an insecure configuration; close a potential vulnerability.
      2. more convenient; no additional step to perform.
      3. faster; fewer restarts.
      4. improved interoperability with HCFS.

      Attachments

        Activity

          People

            Unassigned Unassigned
            eronwright Eron Wright
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: