Up-Armoring The Elephant: Adding Kerberos-based Security to Hadoop

Presented at HadoopDay, Seattle, 2010.

Published in: Technology
  • Discussion of how security was not a huge priority. File system permissions not added until 17.
  • Kerberos was chosen because it’s a tested, trusted solution. In use at Yahoo! already. Hadoop actors – users, servers such as NameNode, JobTracker, DNs, TTs – all authenticate with Kerberos as principals. This allows Hadoop, for the first time, to trust the identity of its various components.
  • Kerberos provides single-sign-on service. kinit, kdestroy. Can be configured to automatically initialize via PAM. By default last 10 hours, renewable 7 days.
  • Overall, the entire ship has been tightened. We believe that we’ve secured each of the data access points that were shown in the big scary picture previously.
  • Secure Distributed Cache
  • For the majority of jobs, there will be no changes necessary to run under security. It was important to make the switch to security as painless as possible since there are already thousands of different jobs running on our clusters, hundreds of thousands around the world and those needed to continue to run. Also, user education is very difficult.

    1. Up-Armoring the Elephant: Secure Hadoop is Here. Jakob Homan, jhoman@yahoo-inc.com
    2. Who I am (8/14/10)
    3. Using Hadoop at Yahoo!
    4. Developing Hadoop at Yahoo!: As of 2009, 72% of patches going into the Hadoop source code were coming from Yahoo!
    5. Developing Hadoop at Yahoo!: Yahoo! provides extensive QE and QA resources to test Hadoop releases at scale.
    6. Developing Hadoop at Yahoo!: The Yahoo! distribution of Hadoop, available on Github, is the same code we run internally on our servers. Patches important to stability and performance are applied here, as well as Apache.
    7. Developing Hadoop at Yahoo!: The rest of the family
    8. Hadoop at Yahoo! Sunnyvale
    9. Why do we need a secure Hadoop?
    10. Current state of security in Hadoop
    11. Current state of security in Hadoop (Bowser copyright Nintendo)
    12. The elephant is too trusting
    13. Which can let bad people do bad things
    14. Why is securing Hadoop hard?
    15. Enter Kerberos!
    16. Kerberos workflow
    17. RPC upgraded to use SASL/GSSAPI
    18. What does a secure Hadoop look like?
    19. Like this
    20. Everyone now authenticated
    21. Additional security throughout system
    22. How do I write a secure MapReduce job?
    23. This is how: No changes!
    24. Significant user-facing changes
    25. Secure web access is pluggable
    26. DistCP works… in 3 out of 4 cases
    27. Out of scope
    28. Impact on performance
    29. Take security for a test drive
    30. Or build a secure cluster at home
    31. Other projects and security
    32. Current state
    33. Current state
    34. Security list
    35. Questions?
