Before you start:
The Kerberos principals for the ResourceManager and NodeManager are configured in the yarn-site.xml file. The same yarn-site.xml file must be installed on every host machine in the cluster.
Make sure that each user who runs YARN jobs exists on all cluster nodes (that is, on every node that hosts any YARN daemon).
To configure secure YARN:
Add the following properties to the yarn-site.xml file on every machine in the cluster:
<!-- ResourceManager security configs -->
<property>
<name>yarn.resourcemanager.keytab</name>
<value>/etc/hadoop/conf/yarn.keytab</value>
<!-- path to the YARN keytab -->
</property>
<property>
<name>yarn.resourcemanager.principal</name>
<value>yarn/_HOST@YOUR-REALM.COM</value>
</property>
<!-- NodeManager security configs -->
<property>
<name>yarn.nodemanager.keytab</name>
<value>/etc/hadoop/conf/yarn.keytab</value>
<!-- path to the YARN keytab -->
</property>
<property>
<name>yarn.nodemanager.principal</name>
<value>yarn/_HOST@YOUR-REALM.COM</value>
</property>
<property>
<name>yarn.nodemanager.container-executor.class</name>
<value>org.apache.hadoop.yarn.server.nodemanager.LinuxContainerExecutor</value>
</property>
<property>
<name>yarn.nodemanager.linux-container-executor.group</name>
<value>yarn</value>
</property>
<!-- To enable TLS/SSL -->
<property>
<name>yarn.http.policy</name>
<value>HTTPS_ONLY</value>
</property>
Add the following properties to the mapred-site.xml file on every machine in the cluster:
<!-- MapReduce Job History Server security configs -->
<property>
<name>mapreduce.jobhistory.address</name>
<value>host:port</value> <!-- Host and port of the MapReduce Job History Server; default port is 10020 -->
</property>
<property>
<name>mapreduce.jobhistory.keytab</name>
<value>/etc/hadoop/conf/mapred.keytab</value>
<!-- path to the MAPRED keytab for the Job History Server -->
</property>
<property>
<name>mapreduce.jobhistory.principal</name>
<value>mapred/_HOST@YOUR-REALM.COM</value>
</property>
<!-- To enable TLS/SSL -->
<property>
<name>mapreduce.jobhistory.http.policy</name>
<value>HTTPS_ONLY</value>
</property>
To get in-depth knowledge on Hadoop, you can enroll for live Hadoop online training by OnlineITGuru with 24/7 support and lifetime access
バッドをするには、ログインかつ
こちらの条件を満たす必要があります。