Kudu authentication with Kerberos
You can configure authentication on Kudu servers. Authentication in Kudu is designed to interoperate with other secure Hadoop components by utilizing Kerberos.
--rpc_authenticationflag is used to configure authentication on Kudu servers. In a Cloudera Manager managed cluster that flag is configured using the Enable Secure Authentication And Encryption property. This property can have the following values:
- Optional: Kudu will attempt to use strong authentication, but will allow unauthenticated connections. The connection between servers will be encrypted. This is the default value which is indicated by a clear checkbox.
- Required: Kudu will reject connections from clients and servers
who lack authentication credentials. If you want to secure your cluster you have to set
--rpc_authenticationflag to this value, meaning that you have to select the Enable Secure Authentication And Encryption property.