These workshops is part of a 'Securing the Data Lake' webinar.
Also see webinar on Ambari 2.0 for demo on using custom services for KDC, OpenLDAP, NSLCD
To demonstrate:
- Authentication: Configure kerberos with LDAP on HDP sandbox
- Authorization & Audit: To allow users to specify access policies and enable audit around Hadoop from a central location via a UI, integrated with LDAP
- Enable Perimeter Security: Enable Knox to work with kerberos enabled cluster to enable perimeter security using single end point
Why integrate security with LDAP?
- To show how Hadoop plugs in to the enterprise's existing Identity Management system
- Enable security on HDP 2.3.3/Ambari 2.1.3 multi-node setup using ActiveDirectory as LDAP
HDP 2.3
- Enable security on HDP 2.3/Ambari 2.1 single node setup using FreeIPA as LDAP
- Instructions available [here](https://github.com/abajwa-hw/security-workshops/blob/master/Security-workshop-HDP 2_3-IPA.md)
- Prebuilt secured sandbox available here
- Enable security on HDP 2.3/Ambari 2.1 single node setup using ActiveDirectory as LDAP
- Instructions available here
HDP 2.2.4.2
- Enable security on HDP 2.2.4.2/Ambari 2.0 single node setup using OpenLDAP as LDAP
- Instructions available here
Note that FreeIPA will not work with Ambari 2.0 because the manual kerberos wizard option was removed. This will be added back in future release (by end of summer)
HDP 2.2.0
- Enable security on HDP 2.2.0 single node setup using FreeIPA as LDAP
- Enable security on HDP 2.2.0 single node setup using OpenLDAP as LDAP
- Instructions available here - WIP
HDP 2.1
- Enable security on HDP 2.1 sandbox using FreeIPA as LDAP
- Presentation Slides of presentation
- Presentation Recording of presentation
- Instructions available here
- Step by step video playlist available here
- Prebuilt secured sandbox VM available here