About Release 7.1
This site contains documentation for HPE Ezmeral Data Fabric release 7.1, including installation, configuration, administration, and reference content, as well as content for the associated ecosystem components and drivers.
7.1 Installation
This section contains information about installing and upgrading HPE Ezmeral Data Fabric software. It also contains information about how to migrate data and applications from an Apache Hadoop cluster to a HPE Ezmeral Data Fabric cluster.
7.1 Data Fabric
HPE Ezmeral Data Fabric is the industry-leading data platform for AI and analytics that solves enterprise business needs.
7.1 Administration
This section describes how to manage the nodes and services that make up a cluster.
7.1 Development
This section contains information related to application development for Ezmeral ecosystem components and HPE Ezmeral Data Fabric products, including the file system, Database (Key-Value and JSON), and Event Streams.
- Application Development Process
  Before you start developing applications on the HPE Ezmeral Data Fabric platform, consider how you will get the data into the platform, the storage format of the data, the type of processing or modeling that is required, and how the data will be accessed.
- File Store and Apps
  The following sections provide information about accessing the File Store with C and Java applications.
- HPE Ezmeral Data Fabric Database and Apps
  This section contains information about developing client applications for JSON and key-value tables.
- Apache Kafka Wire Protocol Service
  HPE Ezmeral Data Fabric Streams supports Apache Kafka Wire Protocol Service. Apache Kafka Wire Protocol Service is a TCP/IP service that emulates a Kafka cluster backed by HPE Ezmeral Data Fabric Streams. The service makes it possible for Apache Kafka clients written in any programming language to access topics in HPE Ezmeral Data Fabric Streams.
- HPE Ezmeral Data Fabric Streams and Apps
  HPE Ezmeral Data Fabric Streams brings integrated publish and subscribe messaging to HPE Ezmeral Data Fabric.
- MapReduce and Apps
  This section contains information associated with developing YARN applications.
- Kubernetes Interfaces for Data Fabric
  This section describes how to leverage the capabilities of the Kubernetes Interfaces for Data Fabric.
- Ecosystem Components
  The following sections provide information about each open-source project that is supported by the HPE Ezmeral Data Fabric.
  - Ecosystem Packs
  - Apache Airflow
    This topic provides an overview of Apache Airflow on HPE Ezmeral Data Fabric.
  - AsyncHBase
  - Cascading
  - Apache Drill
  - Hadoop
  - HBase
  - HBase Client and HPE Ezmeral Data Fabric Database Binary Tables
  - HCatalog
  - Hive
  - HttpFS
  - Hue
  - Livy
    Apache Livy is primarily used to provide integration between Hue and Spark.
  - HPE Ezmeral Data Fabric Streams Clients and Tools
    Describes the supported HPE Ezmeral Data Fabric Streams tools and clients.
    - KSQL
      KSQL is an open-source streaming SQL engine that implements continuous, interactive queries.
    - Kafka Streams
      Kafka Streams is a programming library used for creating Java or Scala streaming applications and, specifically, building streaming applications that transform input topics into output topics.
    - Kafka REST Proxy
      The Kafka REST Proxy provides a RESTful interface to HPE Ezmeral Data Fabric Streams clusters to consume and produce messages and to perform administrative operations.
    - Kafka Connect
      Kafka Connect is a utility for streaming data between HPE Ezmeral Data Fabric Streams and other storage systems.
    - Kafka Schema Registry
      Kafka Schema Registry provides a RESTful interface for storing and retrieving schemas.
      - Building and Deploying Kafka Schema Registry
        To build and deploy Kafka Schema Registry with Maven, you must first install development versions of Kafka common and rest-utils utilities.
      - Kafka Schema Registry Limitations
        Describes the limitations related to the Kafka Schema Registry.
      - Kafka Schema Registry Security
        Describes security mechanisms for Kafka Schema Registry.
      - Kafka Schema Registry Configuration
        Describes how to configure the Kafka Schema Registry for HPE Ezmeral Data Fabric Event Store.
      - Kafka Schema Registry Use Cases
        Describes typical use cases to register and query a schema and serialize and deserialize data.
      - Managing Kafka Schema Registry
        Describes how to manage the internal stream for Kafka Schema Registry.
      - Enabling High Availability for Kafka Schema Registry
        You can enable high availability by installing multiple instances of schema registry on the same cluster.
      - Schema Registry Demos
        Provides demonstrations for using Kafka Schema Registry to store and retrieve schemas.
    - Structured Streaming in Spark
      Starting in EEP 5.0.0, structured streaming is supported in Spark.
  - NiFi
    This topic provides an overview of Apache NiFi on HPE Ezmeral Data Fabric.
  - Ranger
  - Apache Spark
  - YARN
  - Zeppelin
- Maven and the HPE Ezmeral Data Fabric
  This section discusses topics associated with Maven and the HPE Ezmeral Data Fabric.
- Developer's Reference
  This section contains in-depth information for the developer.
- API Documentation
  HPE Ezmeral Data Fabric supports public APIs for file system, HPE Ezmeral Data Fabric Database, and HPE Ezmeral Data Fabric Streams. These APIs are available for application-development purposes.
Other Docs
This section contains release-independent information, including: Installer documentation, Ecosystem release notes, interoperability matrices, security vulnerabilities, and links to other data-fabric version documentation.
Glossary
Definitions for commonly used terms in MapR Converged Data Platform environments.

Kafka Schema Registry Security

Describes security mechanisms for Kafka Schema Registry.

By default, Schema Registry is secure when installed on a secure cluster. A secure cluster is a cluster installed with the default security (data-fabric SASL) enabled. Default security provides authentication, encryption, impersonation, and authorization for Schema Registry. For encryption, SSL/TLS protocols are supported.

If you install Schema Registry in an insecure cluster, you can enable security through security parameters in the /opt/mapr/schema-registry/schema-registry-<version>/etc/schema-registry/schema-registry.properties file, as described in Security Parameters.

Schema Registry Communication Paths

The following image depicts the Schema Registry communication paths:

The following table lists the supported security mechanisms for the Schema Registry communication paths:

NOTE Path B does not have a network connection and therefore does not need to be secured. However, impersonation works seamlessly for this path through Schema Registry Server.

Security Features	Supported Mechanisms	Communication Paths Secured
Authentication	Data Fabric SASL (ticket-based security)	D – Schema Registry Server and ZooKeeper
		A - Schema Registry Client and Schema Registry Server
		C – Schema Registry Server and Schema Registry Server
	Basic (PAM)	A - Schema Registry Client and Schema Registry Server
		C – Schema Registry Server and Schema Registry Server
	Cookie	A - Schema Registry Client and Schema Registry Server
		C – Schema Registry Server and Schema Registry Server
Encryption	Data Fabric SASL (ticket-based security)	D - Schema Registry Server and ZooKeeper
		A - Schema Registry Client and Schema Registry Server
		C -Schema Registry Server and Schema Registry Server
	SSL/TLS	A - Schema Registry Client and Schema Registry Server
		C - Schema Registry Server and Schema Registry Server
Authorization	Based on filesystem permissions.	A - Schema Registry Client and Schema Registry Server
Impersonation	User impersonation	A - Schema Registry Client and Schema Registry Server
		B – Schema Registry Server to Streams for Apache Kafka
		C - Schema Registry Server and Schema Registry Server
Auditing	Not supported	--