Summary
In this chapter, we looked at the steps that need to be adopted to set up various Hadoop ecosystem components. At the high level, the process involves creating the Kerberos principal for each of the components and then securing the keytab file under the user's home directory. If the service has to impersonate the end user, then the service principal is configured as superuser in Hadoop. Each ecosystem component has specific configuration that needs to be updated to support secured authentication with Kerberos. Some of the components such as Sqoop or Sqoop2, leave a certain amount of security hole when used in production. So these components have to be used with caution and deployed with additional security measures.
In the next chapter, we will look at how to integrate the authentication and authorization of these ecosystem components with the Enterprise Identity Management systems.
