Reply
Highlighted
New Contributor
Posts: 5
Registered: ‎08-17-2015

Single user or individual users to start different hadoop system services

[ Edited ]

Hi,

I am setting up a multi-node hadoop cluster. I am using cloudera CDH 5.4.4, JDK 1.8 and OS is Red Hat Linux 6.5 for this.

I have configured init to start Hadoop System Services (like namenode, yarn, hbase etc) at startup (By using chkconfig command). However I see that these services are started with different users eg namenode, secondary namenode services are started by hdfs user. Hbase service is started by hbase user. Yarn service is started by yarn user, so on and so forth.

I would like to know is it a good practice to start all the services using a single user or should I let them start using different users.

Which approach is better and why? If single user is better, how can I start all the services using single user?

Thanks for the help in advance.

Regards, V

Posts: 1,886
Kudos: 425
Solutions: 300
Registered: ‎07-31-2013

Re: Single user or individual users to start different hadoop system services

The idea behind CDH using separate user IDs is to provide better isolation and security between the services. The con with running everything as the same user is that the superuser becomes singular - and compromise of one service results in compromise of all.

Using isolated users also allows for better resource management.

There's no downside about the use of multiple users unless you have an organisation restriction of some sort. To use a single-user based cluster in such a case, follow this guide: http://www.cloudera.com/content/cloudera/en/documentation/core/latest/topics/install_singleuser_reqt...
Announcements