WARNING: Work In Progress
The sequence diagram below is intended to be a very detailed description of the interactions that occur while defining, submitting and executing a MapReduce job on a secure Hadoop cluster. Ideally it will complement and clarify the Hadoop security design white paper.
The descriptions of the interactions below take this form.
[Protocol] message( input ) : output
The [Protocol] portion describes the protocol, the authentication mechanism and the identities exchanged.
RPC protocol with SASL mutual authentication using Kerberos tickets.
RPC protocol with SASL mutual authentication using delegation tokens.
Data transfer protocol between the DataNode and a client. HTTP protocol with block tokens plus SHA1 hash exchange.
Suffixes are used in many cases to denote type.
Kerberos Ticket Granting Ticket
Kerberos Principal: nn-kp = The Kerberos principal for the NameNode nn
Kerberos Ticket: u-jt-kt = A Kerberos Ticket for User u to access the JobTracker jt
Kerberos principals use the principal abbreviation and the kp suffix.
nn-kp = NameNode's Kerberos Principal
dn-kp = DataNode's Kerberos Principal (a unique principal for each DataNode on every node)
jt-kp = JobTracker's Kerberos Principal
tt-kp = TaskTracker's Kerberos Principal (a unique principal for each TaskTracker on every node)
Kerberos tickets use the consumer principal abbreviation, the provider principal abbreviation and the kt suffix.
u-nn-kt = Kerberos service ticket for User u to access NameNode nn
u-jt-kt = Kerberos service ticket for User u to access JobTracker jt
dn-nn-kt = Kerberos service ticket for DataNode dn to access NameNode nn
jt-nn-kt = Kerberos service ticket for JobTracker jt to access NameNode nn
tt-jt-kt = Kerberos service ticket for TaskTracker tt to access JobTracker jt