[Question] dolphin provide too much keytab

[microeastcowboy]

when hadoop with kerberos security enabled, and if you want submit mr job to cluster, you must submit keytab and provide princiapl。dolphin must save all keytabs provided by user，if dolphin server was attacked by hacker，it will become unsafety，how dolphin can do with this ？ any idea will be appreciated.

[zhuangchong]

The problem you mentioned always exists in the big data cluster. Clients that submit tasks need to use Kerberos authentication to submit tasks, and the keytab is required. This has nothing to do with Dolphin, which is deployed on the node of the big data cluster client. Also the Dolphin machine that you mentioned was attacked, now all companies' big data clusters are deployed in the Intranet and accessed using the skip machine.

---

你说的问题在大数据集群里面一直存在，提交任务的客户端都需要使用kerberos认证才能提交任务，必须要有keytab，这跟dolphin没有关系，dolphin部署在的是大数据集群客户端节点上。还有你说的dolphin机器被攻击，目前所有公司的大数据集群都是部署在内网内，使用跳板机访问。

[chengshiwen]

Related issue: #3608