Kudu authentication with Kerberos

You can configure authentication on Kudu servers. Authentication in Kudu is designed to interoperate with other secure Hadoop components by utilizing Kerberos.

The --rpc_authentication flag is used to configure authentication on Kudu servers. In a Cloudera Manager managed cluster that flag is configured using the Enable Secure Authentication And Encryption property. This property can have the following values:
  • Optional: Kudu will attempt to use strong authentication, but will allow unauthenticated connections. The connection between servers will be encrypted. This is the default value which is indicated by a clear checkbox.
  • Required: Kudu will reject connections from clients and servers who lack authentication credentials. If you want to secure your cluster you have to set the --rpc_authentication flag to this value, meaning that you have to select the Enable Secure Authentication And Encryption property.