Getting Started
Also available as:
PDF

Cluster security requirements for DLM-enabled clusters

You must configure a minimum set of security actions on each HDP cluster as part of configuring security for DLM-enabled clusters. You can perform any additional security-related tasks as appropriate for your environment and company policies. You must also have completed the security configuration requirements for clusters used with DPS.

If you are performing Hive replication with the Data Lifecycle Manager (DLM) service, ensure that the following tasks were completed during cluster installation. You must configure Ambari Ranger on clusters used in replicating Hive databases.

Table 1. Minimum Security Requirements Checklist for DLM
Task Comments Instructions
Configure LDAP with Ranger Only required if using Ranger with DLM Configuring Ranger Authentication with UNIX, LDAP, or AD
Configure user synchronization for policy administration Only required if using Ranger with DLM Configure Ranger User Sync
Configure Ranger plugins for Knox Only required if using Ranger with DLM Enabling Ranger Plugins: HDFS, YARN, Hive, Knox
Configure Ranger plugins for Kerberos Only required if using Ranger with DLM Ranger Plugins--Kerberos: HDFS, Hive, Knox
Configure Knox SSO for Ranger Only required if using Ranger with DLM Setting up Knox SSO for Ranger
Configure Knox Gateway for proxying Only required if using Knox proxying; proxying required for wire encryption Perimeter Security with Apache Knox