Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

spark-streaming kafka in a kerberized cluster - security question.

spark-streaming kafka in a kerberized cluster - security question.

New Contributor

I am using spark streaming to access kafka in a kerberized hadoop-spark and kafka environment.

According to

https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.4.2/bk_spark-guide/content/spark-streaming-kafk...

I pass the "keytab" using the --files option to the spark job. This copies the keytab to the spark executor nodes.

As per my understanding there is no security risk here because the keytab can only be read by the "user' that is running the spark job and the keytab is deleted after the job is complete.

Please confirm if this is correct ? Passsing keytabs to the executors is a bit concerning, however I dont see a way around this.

Don't have an account?
Coming from Hortonworks? Activate your account here