Securing the Hadoop Data Lake workshop
These workshops is part of a 'Securing the Data Lake' webinar.
Also see webinar on Ambari 2.0 for demo on using custom services for KDC, OpenLDAP, NSLCD
Goals
To demonstrate:
- Authentication: Configure kerberos with LDAP on HDP sandbox
- Authorization & Audit: To allow users to specify access policies and enable audit around Hadoop from a central location via a UI, integrated with LDAP
- Enable Perimeter Security: Enable Knox to work with kerberos enabled cluster to enable perimeter security using single end point
Why integrate security with LDAP?
- To show how Hadoop plugs in to the enterprise's existing Identity Management system
Workshop Materials
Current release:
HDP 2.3
- Enable security on HDP 2.3/Ambari 2.1 single node setup using FreeIPA as LDAP
- Instructions available [here](https://github.com/abajwa-hw/security-workshops/blob/master/Security-workshop-HDP 2_3-IPA.md)
- Prebuilt secured sandboxes:
- Enable security on HDP 2.3/Ambari 2.1 single node setup using ActiveDirectory as LDAP
- Instructions available here
Previous releases:
HDP 2.2.4.2
- Enable security on HDP 2.2.4.2/Ambari 2.0 single node setup using OpenLDAP as LDAP
- Instructions available here
Note that FreeIPA will not work with Ambari 2.0 because the manual kerberos wizard option was removed. This will be added back in future release (by end of summer)
HDP 2.2.0
- Enable security on HDP 2.2.0 single node setup using FreeIPA as LDAP
- Enable security on HDP 2.2.0 single node setup using OpenLDAP as LDAP
- Instructions available here - WIP
HDP 2.1
- Enable security on HDP 2.1 sandbox using FreeIPA as LDAP
- Presentation Slides of presentation
- Presentation Recording of presentation
- Instructions available here
- Step by step video playlist available here
- Prebuilt secured sandbox VM available here