You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 23
Next »
WARNING: Work In Progress
The descriptions of the interactions below take this form.
[Protocol] message( input ) : output
The [Protocol]
portion describes the protocol, authentication mechanism and identities exchanged.
Abbreviation |
Description |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="700f24c7-d911-477c-82dd-655bf4bd1f4a"><ac:plain-text-body><![CDATA[ |
[KRB] |
Kerberos Protocol |
]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a0097419-5fef-43c9-96b7-39dfbdf2a2a6"><ac:plain-text-body><![CDATA[ |
[RSK:{ticket}] |
RPC protocol with SASL mutual authentication using Kerberos tickets. |
]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="aad40373-d7fc-4b47-9f66-db88b209cb29"><ac:plain-text-body><![CDATA[ |
[RSD:{delegation-token}] |
RPC protocol with SASL mutual authentication using delegation tokens/ |
]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="5e8a2c0f-445a-4610-9d10-7e61e25b7720"><ac:plain-text-body><![CDATA[ |
[DTP] |
Data transfer protocol between the DataNode and a client. HTTP protocol with block tokens plus SHA1 hash exchange. |
]]></ac:plain-text-body></ac:structured-macro> |
Suffixes are used in many cases to denote type.
Abbreviation |
Description |
tgt |
Kerberos Ticket Granting Ticket |
kp |
Kerberos Principal: nn-kp = The Kerberos principal for the NameNode nn |
kt |
Kerberos Ticket: u-jt-kt = A Kerberos Ticket for User u to access the JobTracker jt |
Kerberos principals use the principal abbreviation and the kp suffix.
Abbreviation |
Description |
nn-kp |
NameNode's Kerberos Principal |
dn-kp |
DataNode's Kerberos Principal (Unique principal for each DataNode on every node) |
jt-kp |
JobTracker's Kerberos Principal |
tt-kp |
TaskTracker's Kerberos Principal (Unique principal for each TaskTracker on every node) |
Kerberos tickets use the consumer principal abbreviation, provider principal abbreviation and kt suffix.
Abbreviation |
Description |
u-nn-kt |
Kerberos service ticket for User u to access NameNode nn } |
u-jt-kt |
Kerberos service ticket for User u to access JobTracker jt } |
dn-nn-kt |
Kerberos service ticket for DataNode dn to access NameNode nn } |
jt-nn-kt |
Kerberos service ticket for JobTracker dn to access NameNode nn } |
tt-jt-kt |
Kerberos service ticket for TaskTracker tt to access JobTracker jt } |