HDFS access control

To prevent Hadoop Distributed File System (HDFS) from using non-secured access types (such as HTTP unencrypted protocol or local files), you need to edit a configuration file in your Remote Engine Gen2 installation.

Procedure

Go to the Remote Engine Gen2 installation directory.
Open the default/docker-compose.yml file to edit it.
Find the following parameters in the service named livy and make sure their values are set to false.
```
livy:
	...
	environment:
		...
		CONNECTORS_ENABLE_NON_SECURED_ACCESS: "false"
		CONNECTORS_ENABLE_LOCAL_NETWORK_ACCESS: "false"
```
Setting the value of one of these parameters to false will result in allowing only secured protocols:
- CONNECTORS_ENABLE_NON_SECURED_ACCESS: "false" will prevent the HDFS connector from accepting unencrypted protocols.
- CONNECTORS_ENABLE_LOCAL_NETWORK_ACCESS: "false" will prevent the HDFS connector from accepting local files (File is Blocked; HDFS or webHDFS works).
In the same file, look for the same parameters in the services named previewrunner and component-server and change their values to false as well.
Save your changes and close the file.
Restart the engine to take these changes into account.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here