Home
6.0 Administration
This section describes how to manage the nodes and services that make up a cluster.
Configuring Security
Describes how to configure MapR security and manage secure clusters.
Configuring Mapr Security
Provides usage information for frequently used security functionality, including Access Control Lists (ACLs), Access Control Expressions (ACEs), file permissions, and subnet whitelisting.

MapR 6.0 Documentation

6.0 Administration
This section describes how to manage the nodes and services that make up a cluster.
- Administering Users and Clusters
- Administering Nodes
- Administering Volumes
  This section provide information about how to organize and manage data using volumes, a unique feature of MapR clusters.
- Administering Files and Directories
- Administering Tables
  Administration of the MapR-DB is done primarily via the command line (maprcli) or with the MapR Control System (MCS). Regardless of whether the MapR-DB table is used for binary files or JSON documents, the same types of commands are used with slightly different parameter options. MapR-DB administration is associated with tables, columns and column families, and table regions.
- Administering Streams
- Administering MapR Gateways
  A MapR gateway mediates one-way communication between a source MapR cluster and a destination cluster. You can replicate MapR-DB tables (binary and JSON) and MapR-ES streams. MapR gateways also apply updates from JSON tables to their secondary indexes and propagate Change Data Capture (CDC) logs.
- Administering Services
- Monitoring the Cluster
  This section describes how to monitor the health and performance of a MapR cluster.
- Configuring Security
  Describes how to configure MapR security and manage secure clusters.
  - Configuring Mapr Security
    Provides usage information for frequently used security functionality, including Access Control Lists (ACLs), Access Control Expressions (ACEs), file permissions, and subnet whitelisting.
    - Getting Started with MapR Security
      Describes two core scenarios that allow quick implementation of security features.
    - Managing Encryption for MapR Core
      Provides information that allows you to use encryption across the MapR platform.
    - Configuring Authentication
      Provides information about MapR ticket, Kerberos, Pluggable Authentication Module (PAM) authentication.
    - Managing Access Controls
      Describes how to create, enable, and use ACLs and ACEs.
  - Managing Impersonation
    Provides instructions for enabling and using MapR impersonation features.
- Managing Secure Clusters
  Provides procedures that will enable you to use MapR clusters securely.
- Administering the MapR Data Access Gateway
  The MapR Data Access Gateway is a service that acts as a proxy and gateway for translating requests between lightweight client applications and the MapR cluster. This section describes considerations when upgrading the service, how to modify configuration settings, and how to administer and manage the service.
- Planning for High Availability
- Administrator's Reference
  This section contains in-depth reference information for the administrator.
- Troubleshooting Cluster Administration
- Best Practices for Backing Up MapR Information

Configuring Mapr Security

Provides usage information for frequently used security functionality, including Access Control Lists (ACLs), Access Control Expressions (ACEs), file permissions, and subnet whitelisting.

NOTE: MapR 6.0 makes it easier to secure new MapR installations. For more information, see Built-in Security in MapR.

Wired encryption and authentication (including impersonation) for the MapR platform and all supported ecosystem products are enabled for new installations through the MapR Installer.

You can enable security features at any time, but additional configuration is required for the individual components to work with security enabled. This section discusses initial configuration of a secure cluster as well as other forms of security.

The following access control elements are available whether or not your cluster security features are enabled. Additionally, once security features are enabled, these elements benefit from encrypted traffic within the cluster and strong authentication to the cluster.

Access Control Lists (ACLs) for the cluster, the volumes in the cluster, and the MapReduce application queue
Access Control Expressions (ACEs) control user permissions for directories, files, and MapR-DB tables that are stored natively
File permissions for objects in the MapR-FS layer
Subnet whitelisting restricts access to the cluster's FileServer service

On clusters with security features enabled, ecosystem components may require additional configuration. For example, Hive functionality has different security requirements depending on the interaction between the HiveServer2 component, the Hive command-line interface, and the Hive metastore.

See the MapR Security Support Matrix for more information about supported security options for Ecosystem components. See the specific Ecosystem component in the Ecosystem Components for information on security configuration.

See Security Vulnerabilities for a list of known vulnerabilities.

(Topic last modified: 2018-10-16)