How Security is implemented in Apache Ozone

Bharat Viswanadham, Shashikant Banerjee

English Session 2021-08-06 14:10 GMT+8  (ROOM : A) #bigdata

Apache Ozone is a scalable, redundant, and distributed object store for Hadoop, which became Apache’s Top-level project in 2020. Apache Ozone has two metadata services one is Storage Container Manager(SCM) which manages the allocation of blocks/containers and replication, certificates, and node management and the other one is OzoneManager which manages metadata. In this talk, we shall discuss how security is implemented in ozone. From this talk, the audience would learn:

  1. How security functions across Apache ozone
  2. What security mechanisms are used across ozone components.
  3. Security model for support of multiple protocols/endpoints, like S3, RPC, HCFS, etc
  4. How security is handled with a CA distributing certificate to other components.
  5. Storage Container Manager (SCM) HA security architecture with root CA and Sub CA.
  6. OzoneManager HA Security and how tokens are validated.
  7. How BlockTokens are verified on the datanode.

Speakers:

Bharat Viswanadham: Software engineering professional with 7+ years of experience in designing and building scalable and high performant distributed storage systems. I am currently, a committer and PMC member of Apache Hadoop and Apache Ozone.

Shashikant Banerjee: Software engineering professional with 8+ years of experience in designing and building scalable and high performant distributed storage systems. I am currently, a committer and PMC member of Apache Hadoop, Apache Ozone and Apache Ratis community.