HDP Operations: Security

Course Overview

This course is designed for experienced administrators who will be implementing secure Hadoop clusters using authentication, authorization, auditing and data protection strategies and tools.
 

Target Audience

IT administrators and operators responsible for installing, configuring and supporting an Apache Hadoop 2.3 deployment in a Linux environment.

Prerequisites

Students should be experienced in the management of Hadoop using Ambari and Linux environments. Completion of the Hadoop Administration I course is highly recommended.

Course Objectives

  • Describe the 5 pillars of a secure environment
  • List the reasons why a secure environment is needed
  • Describe how security is integrated within Hadoop
  • Choose which security tool is best for specific use cases
  • List security prerequisites
  • Configure Ambari security
  • Set up Ambari Views for controlled access
  • Describe Kerberos use and architecture
  • Install Kerberos
  • Configure Ambari for Kerberos
  • Configure Hadoop for Kerberos
  • Enable Kerberos
  • Install and configure Apache Knox
  • Install and configure Apache Ranger
  • Install and configure Ranger Key Management Services
  • Use Ranger to assure secure data access
  • Describe available partner security solutions

Course Outline

Hands-On Labs

  • Setting up Active Directory/Operating System Integration
  • Configuring Ambari for Non-Root
  • Encrypting Ambari Database and Passwords
  • Setting up Ambari for LDAP/Active Directory Authentication
  • Setting up HTTPS/SSL Server for Ambari
  • Setting up Two-Way SSL for Ambari Server and Agents
  • Enabling SPNEGO Authentication for Hadoop
  • Configuring Ambari Views for Kerberos
  • Setting up Ambari for Kerberos
  • Setting up/Enabling HDP for Kerberos
  • Installing Knox Service via Ambari
  • Configuring Knox Gateway
  • Configuring Knox to Authenticate via Active Directory/LDAP
  • Configuring Knox Topology to Connect to Hadoop Cluster
  • Service
  • Installing Ranger Service via Ambari
  • Configuring Ranger Repository Manager, Policy Manager,
  • User Groups and Auditing
  • Installing Ranger KMS via Ambari
  • Configuring HDFS for Encryption
  • Configuring Hive to utilize Encrypted HDFS
  • Enabling Ranger KMS Audit
  • Using Ranger KMS Service
  • Testing Secure Access with HDFS, Hive, Pig and Sqoop

SLI Main Menu