Securing Datanodes

    However, we support the legacy Kerberos based Authentication to make it easy for the current set of users.The HDFS configuration keys are the following that is setup in hdfs-site.xml.

    SCM has a built-in CA, and SCM has to approve this request. If the datanode already has a Kerberos key tab, then SCM will trust Kerberos credentials and issue a certificate automatically.

    If you running under an container orchestrator like Kubernetes, we rely on Kubernetes to create a one-time token that will be given to datanode during boot time to prove the identity of the datanode container (This is also work in progress.)

    Next >>