• MapReduce Service

mrs
  1. Help Center
  2. MapReduce Service
  3. User Guide
  4. Management of Clusters with Kerberos Authentication Enabled
  5. Configuring Users to Access Resources of a Trusted Cluster

Configuring Users to Access Resources of a Trusted Cluster

Scenario

After cross-cluster mutual trust is configured, permission must be configured for users in the local cluster, so that the users can access the same resources in the peer cluster as the users in the peer cluster.

Prerequisites

The mutual trust relationship has been configured between two clusters (clusters A and B). The clients of the clusters have been updated.

Procedure

  1. Log in to MRS Manager of cluster A and choose System > Manage User. Check whether cluster A has accounts that are the same as those of cluster B.

  2. Click on the left side of the username to unfold detailed user information. Check the user groups and roles of the accounts to ensure that they have the same permission as the accounts of cluster B.

    For example, user admin of cluster A has the permission to access and create files in the /tmp directory of cluster A. Then go to Step 4.

  3. Create the accounts in cluster A and bind the accounts to the user group and roles required by the services. Then go to Step 4.
  4. Choose Service > HDFS > Instance. Query OM IP Address of NameNode(Active).
  5. Log in to the client of cluster B.

    For example, if you have updated the client on the Master2 node, log in to the Master2 node to use the client. For details, see Client Management.

  6. Run the following command to access the /tmp directory of cluster A.

    hdfs dfs -ls hdfs://192.168.6.159:25000/tmp

    In the preceding command, 192.168.6.159 is the IP address of the active NameNode of cluster A; 25000 is the default port for communication between the client and the NameNode.

  7. Run the following command to create a file in the /tmp directory of cluster A.

    hdfs dfs -touchz hdfs://192.168.6.159:25000/tmp/mrstest.txt