From f8173f33d38a89c68520631c2d0a531822538f89 Mon Sep 17 00:00:00 2001 From: Gargi Jaiswal Date: Tue, 2 Dec 2025 12:04:27 +0530 Subject: [PATCH 1/3] added stopAfterDiskEven in status output and updated doc with proper authentication example --- .../docs/content/design/diskbalancer.md | 54 ++++++++++++++++--- .../docs/content/feature/DiskBalancer.md | 54 ++++++++++++++++--- .../docs/content/feature/DiskBalancer.zh.md | 51 +++++++++++++++--- .../DiskBalancerStatusSubcommand.java | 8 ++- .../datanode/TestDiskBalancerSubCommands.java | 2 + 5 files changed, 144 insertions(+), 25 deletions(-) diff --git a/hadoop-hdds/docs/content/design/diskbalancer.md b/hadoop-hdds/docs/content/design/diskbalancer.md index 0c9a8b4436aa..711c75b6039c 100644 --- a/hadoop-hdds/docs/content/design/diskbalancer.md +++ b/hadoop-hdds/docs/content/design/diskbalancer.md @@ -119,6 +119,52 @@ and is not already being moved by another balancing operation. To optimize perfo containers repeatedly, it caches the list of containers for each volume which auto expires after one hour of its last used time or if the container iterator for that is invalidated on full utilisation. +## Authentication and Authorization + +* **Authentication**: RPC authentication is required (e.g., via `kinit` in secure clusters). The client's identity is verified by the datanode's RPC layer. + +* **Authorization**: Each datanode performs authorization checks using `OzoneAdmins` based on the `ozone.administrators` configuration: + - **Admin operations** (start, stop, update): Require the user to be in `ozone.administrators` + - **Read-only operations** (status, report): Do not require admin privileges + +#### Default Behavior + +By default, if `ozone.administrators` is not configured, only the user who launched the datanode service can start, stop, +or update DiskBalancer. This means that in a typical deployment where the datanode runs as user `dn`, only that user has +admin privileges for DiskBalancer operations. + +#### Enabling Authentication for Additional Users + +To allow other users to perform DiskBalancer admin operations (start, stop, update), configure the `ozone.administrators` property in `ozone-site.xml`: + +**Example 1: Single user** +```xml + + ozone.administrators + scm + +``` + +**Example 2: Multiple users** +```xml + + ozone.administrators + scm,hdfs + +``` + +**Example 3: Using groups** +```xml + + ozone.administrators.groups + ozone-admins,cluster-operators + +``` + +**Note**: `ozone-admins` and `cluster-operators` are example group names. Replace them with actual group names +from your environment. After updating the `ozone.administrators` and `ozone.administrators.groups` configuration, +restart the datanode service for the changes to take effect. + ## CLI Interface The DiskBalancer CLI provides the following commands: @@ -187,14 +233,6 @@ ozone admin datanode diskbalancer status --in-service-datanodes --json ozone admin datanode diskbalancer update DN-1 -b 50 ``` -### Authentication and Authorization - -* **Authentication**: RPC authentication is required (e.g., via `kinit` in secure clusters). The client's identity is verified by the datanode's RPC layer. - -* **Authorization**: Each datanode performs authorization checks using `OzoneAdmins` based on the `ozone.administrators` configuration: - - **Admin operations** (start, stop, update): Require the user to be in `ozone.administrators` - - **Read-only operations** (status, report): Do not require admin privileges - ### Operational State Awareness DiskBalancer automatically responds to datanode operational state changes: diff --git a/hadoop-hdds/docs/content/feature/DiskBalancer.md b/hadoop-hdds/docs/content/feature/DiskBalancer.md index 7b0fe76c2f4f..a6da09a554be 100644 --- a/hadoop-hdds/docs/content/feature/DiskBalancer.md +++ b/hadoop-hdds/docs/content/feature/DiskBalancer.md @@ -48,6 +48,52 @@ The Disk Balancer feature is introduced with a feature flag. By default, this fe The feature can be **enabled** by setting the following property to `true` in the `ozone-site.xml` configuration file: `hdds.datanode.disk.balancer.enabled = false` +### Authentication and Authorization + +* **Authentication**: RPC authentication is required (e.g., via `kinit` in secure clusters). The client's identity is verified by the datanode's RPC layer. + +* **Authorization**: Each datanode performs authorization checks using `OzoneAdmins` based on the `ozone.administrators` configuration: + - **Admin operations** (start, stop, update): Require the user to be in `ozone.administrators` + - **Read-only operations** (status, report): Do not require admin privileges + +#### Default Behavior + +By default, if `ozone.administrators` is not configured, only the user who launched the datanode service can start, stop, +or update DiskBalancer. This means that in a typical deployment where the datanode runs as user `dn`, only that user has +admin privileges for DiskBalancer operations. + +#### Enabling Authentication for Additional Users + +To allow other users to perform DiskBalancer admin operations (start, stop, update), configure the `ozone.administrators` property in `ozone-site.xml`: + +**Example 1: Single user** +```xml + + ozone.administrators + scm + +``` + +**Example 2: Multiple users** +```xml + + ozone.administrators + scm,hdfs + +``` + +**Example 3: Using groups** +```xml + + ozone.administrators.groups + ozone-admins,cluster-operators + +``` + +**Note**: `ozone-admins` and `cluster-operators` are example group names. Replace them with actual +group names from your environment. After updating the `ozone.administrators` configuration, +restart the datanode service for the changes to take effect. + ## Command Line Usage The DiskBalancer is managed through the `ozone admin datanode diskbalancer` command. @@ -162,14 +208,6 @@ ozone admin datanode diskbalancer report --in-service-datanodes ozone admin datanode diskbalancer report --in-service-datanodes --json ``` -### Authentication and Authorization - -* **Authentication**: RPC authentication is required (e.g., via `kinit` in secure clusters). The client's identity is verified by the datanode's RPC layer. - -* **Authorization**: Each datanode performs authorization checks using `OzoneAdmins` based on the `ozone.administrators` configuration: - - **Admin operations** (start, stop, update): Require the user to be in `ozone.administrators` - - **Read-only operations** (status, report): Do not require admin privileges - ## **DiskBalancer Configurations** The DiskBalancer's behavior can be controlled using the following configuration properties in `ozone-site.xml`. diff --git a/hadoop-hdds/docs/content/feature/DiskBalancer.zh.md b/hadoop-hdds/docs/content/feature/DiskBalancer.zh.md index 106ba1de6a99..c6915ac7902a 100644 --- a/hadoop-hdds/docs/content/feature/DiskBalancer.zh.md +++ b/hadoop-hdds/docs/content/feature/DiskBalancer.zh.md @@ -44,6 +44,50 @@ summary: 数据节点的磁盘平衡器. 可以通过在“ozone-site.xml”配置文件中将以下属性设置为“true”来**启用**该功能: `hdds.datanode.disk.balancer.enabled = false` +## 身份验证和授权 + +* **身份验证**:需要 RPC 身份验证(例如,在安全集群中通过 `kinit`)。客户端的身份由数据节点的 RPC 层验证。 + +* **授权**:每个数据节点都使用 `OzoneAdmins` 根据 `ozone.administrators` 配置执行授权检查: +- **管理操作**(启动、停止、更新):要求用户位于 `ozone.administrators` 成员中 +- **只读操作**(状态、报告):不需要管理员权限 + +#### 默认行为 + +默认情况下,如果未配置 `ozone.administrators`,则只有启动数据节点服务的用户才能启动、停止或更新 DiskBalancer。 + +这意味着在典型的部署中,如果数据节点以用户 `dn` 的身份运行,则只有该用户拥有 DiskBalancer 操作的 管理员权限。 + +#### 为其他用户启用身份验证 + +要允许其他用户执行 DiskBalancer 管理操作(启动、停止、更新),请在 `ozone-site.xml` 文件中配置 `ozone.administrators` 属性: + +**Example 1: Single user** +```xml + + ozone.administrators + scm + +``` + +**Example 2: Multiple users** +```xml + + ozone.administrators + scm,hdfs + +``` + +**Example 3: Using groups** +```xml + + ozone.administrators.groups + ozone-admins,cluster-operators + +``` +**注意**:`ozone-admins` 和 `cluster-operators` 是示例组名称。请将其替换为您环境中的实际组名称。 更新 `ozone.administrators` 配置后, +请重启数据节点服务以使更改生效。 + ## 命令行用法 DiskBalancer 通过 `ozone admin datanode diskbalancer` 命令进行管理。 @@ -157,13 +201,6 @@ ozone admin datanode diskbalancer report --in-service-datanodes # 以 JSON 格式获取报告 ozone admin datanode diskbalancer report --in-service-datanodes --json ``` -### 身份验证和授权 - -* **身份验证**:需要 RPC 身份验证(例如,在安全集群中通过 `kinit`)。客户端的身份由数据节点的 RPC 层验证。 - -* **授权**:每个数据节点都使用 `OzoneAdmins` 根据 `ozone.administrators` 配置执行授权检查: -- **管理操作**(启动、停止、更新):要求用户位于 `ozone.administrators` 成员中 -- **只读操作**(状态、报告):不需要管理员权限 ## DiskBalancer Configurations diff --git a/hadoop-ozone/cli-admin/src/main/java/org/apache/hadoop/hdds/scm/cli/datanode/DiskBalancerStatusSubcommand.java b/hadoop-ozone/cli-admin/src/main/java/org/apache/hadoop/hdds/scm/cli/datanode/DiskBalancerStatusSubcommand.java index 7ef6c0010430..1bcc62e512e6 100644 --- a/hadoop-ozone/cli-admin/src/main/java/org/apache/hadoop/hdds/scm/cli/datanode/DiskBalancerStatusSubcommand.java +++ b/hadoop-ozone/cli-admin/src/main/java/org/apache/hadoop/hdds/scm/cli/datanode/DiskBalancerStatusSubcommand.java @@ -91,7 +91,7 @@ protected void displayResults(List successNodes, List failedNode private String generateStatus(List protos) { StringBuilder formatBuilder = new StringBuilder("Status result:%n" + - "%-35s %-15s %-15s %-15s %-12s %-12s %-12s %-15s %-15s %-15s%n"); + "%-35s %-15s %-15s %-15s %-12s %-20s %-12s %-12s %-15s %-18s %-20s%n"); List contentList = new ArrayList<>(); contentList.add("Datanode"); @@ -99,6 +99,7 @@ private String generateStatus(List protos) { contentList.add("Threshold(%)"); contentList.add("BandwidthInMB"); contentList.add("Threads"); + contentList.add("StopAfterDiskEven"); contentList.add("SuccessMove"); contentList.add("FailureMove"); contentList.add("BytesMoved(MB)"); @@ -106,7 +107,7 @@ private String generateStatus(List protos) { contentList.add("EstTimeLeft(min)"); for (HddsProtos.DatanodeDiskBalancerInfoProto proto : protos) { - formatBuilder.append("%-35s %-15s %-15s %-15s %-12s %-12s %-12s %-15s %-15s %-15s%n"); + formatBuilder.append("%-35s %-15s %-15s %-15s %-12s %-20s %-12s %-12s %-15s %-18s %-20s%n"); long estimatedTimeLeft = calculateEstimatedTimeLeft(proto); long bytesMovedMB = (long) Math.ceil(proto.getBytesMoved() / (1024.0 * 1024.0)); long bytesToMoveMB = (long) Math.ceil(proto.getBytesToMove() / (1024.0 * 1024.0)); @@ -119,6 +120,8 @@ private String generateStatus(List protos) { String.valueOf(proto.getDiskBalancerConf().getDiskBandwidthInMB())); contentList.add( String.valueOf(proto.getDiskBalancerConf().getParallelThread())); + contentList.add( + String.valueOf(proto.getDiskBalancerConf().getStopAfterDiskEven())); contentList.add(String.valueOf(proto.getSuccessMoveCount())); contentList.add(String.valueOf(proto.getFailureMoveCount())); contentList.add(String.valueOf(bytesMovedMB)); @@ -153,6 +156,7 @@ private Map createStatusResult(DatanodeDiskBalancerInfoProto sta result.put("threshold", status.getDiskBalancerConf().getThreshold()); result.put("bandwidthInMB", status.getDiskBalancerConf().getDiskBandwidthInMB()); result.put("threads", status.getDiskBalancerConf().getParallelThread()); + result.put("stopAfterDiskEven", status.getDiskBalancerConf().getStopAfterDiskEven()); result.put("successMove", status.getSuccessMoveCount()); result.put("failureMove", status.getFailureMoveCount()); result.put("bytesMovedMB", (long) Math.ceil(status.getBytesMoved() / (1024.0 * 1024.0))); diff --git a/hadoop-ozone/cli-admin/src/test/java/org/apache/hadoop/hdds/scm/cli/datanode/TestDiskBalancerSubCommands.java b/hadoop-ozone/cli-admin/src/test/java/org/apache/hadoop/hdds/scm/cli/datanode/TestDiskBalancerSubCommands.java index 18cd51a48e2f..9f95fd3f117f 100644 --- a/hadoop-ozone/cli-admin/src/test/java/org/apache/hadoop/hdds/scm/cli/datanode/TestDiskBalancerSubCommands.java +++ b/hadoop-ozone/cli-admin/src/test/java/org/apache/hadoop/hdds/scm/cli/datanode/TestDiskBalancerSubCommands.java @@ -442,6 +442,7 @@ public void testStatusDiskBalancerWithJson() throws Exception { assertTrue(output.contains("\"threshold\"")); assertTrue(output.contains("\"bandwidthInMB\"")); assertTrue(output.contains("\"threads\"")); + assertTrue(output.contains("\"stopAfterDiskEven\"")); } } @@ -648,6 +649,7 @@ private DatanodeDiskBalancerInfoProto createStatusProto(String hostname, .setThreshold(threshold) .setDiskBandwidthInMB(bandwidthInMB) .setParallelThread(parallelThread) + .setStopAfterDiskEven(true) .build(); return DatanodeDiskBalancerInfoProto.newBuilder() From f501b3ff23b8fc7136169dabae7910186bafee8e Mon Sep 17 00:00:00 2001 From: Gargi Jaiswal Date: Tue, 2 Dec 2025 15:27:01 +0530 Subject: [PATCH 2/3] remove duplication of content from design and feature doc --- .../docs/content/design/diskbalancer.md | 139 +++--------------- .../docs/content/feature/DiskBalancer.md | 32 +++- .../docs/content/feature/DiskBalancer.zh.md | 34 ++++- 3 files changed, 77 insertions(+), 128 deletions(-) diff --git a/hadoop-hdds/docs/content/design/diskbalancer.md b/hadoop-hdds/docs/content/design/diskbalancer.md index 711c75b6039c..1a05c35ed880 100644 --- a/hadoop-hdds/docs/content/design/diskbalancer.md +++ b/hadoop-hdds/docs/content/design/diskbalancer.md @@ -119,119 +119,32 @@ and is not already being moved by another balancing operation. To optimize perfo containers repeatedly, it caches the list of containers for each volume which auto expires after one hour of its last used time or if the container iterator for that is invalidated on full utilisation. -## Authentication and Authorization +## Security Design +DiskBalancer implements a two-tier security model: -* **Authentication**: RPC authentication is required (e.g., via `kinit` in secure clusters). The client's identity is verified by the datanode's RPC layer. +* **Authentication**: Clients communicate directly with datanodes via RPC. In secure clusters, RPC authentication is required (Kerberos). -* **Authorization**: Each datanode performs authorization checks using `OzoneAdmins` based on the `ozone.administrators` configuration: - - **Admin operations** (start, stop, update): Require the user to be in `ozone.administrators` - - **Read-only operations** (status, report): Do not require admin privileges +* **Authorization**: After successful authentication, each datanode performs authorization checks using `OzoneAdmins` based on the `ozone.administrators` configuration: + - **Admin operations** (start, stop, update): Require the authenticated user to be in `ozone.administrators` or belong to a group in `ozone.administrators.groups` + - **Read-only operations** (status, report): Do not require admin privileges - any authenticated user can query status and reports + +By default, if `ozone.administrators` is not configured, only the user who launched the datanode service has admin privileges. This ensures that DiskBalancer operations are restricted to authorized administrators while allowing read-only access for monitoring purposes. -#### Default Behavior +## CLI Interface Design -By default, if `ozone.administrators` is not configured, only the user who launched the datanode service can start, stop, -or update DiskBalancer. This means that in a typical deployment where the datanode runs as user `dn`, only that user has -admin privileges for DiskBalancer operations. +The DiskBalancer CLI provides five main commands that communicate directly with datanodes: -#### Enabling Authentication for Additional Users +1. **start** - Initiates DiskBalancer on `specified datanodes` or all `in-service-datanodes` with optional configuration parameters +2. **stop** - Stops DiskBalancer operations on specified datanodes. +3. **update** - Updates DiskBalancer configuration. +4. **status** - Retrieves current DiskBalancer status including running state, metrics, and configuration. +5. **report** - Retrieves volume density report showing imbalance analysis. -To allow other users to perform DiskBalancer admin operations (start, stop, update), configure the `ozone.administrators` property in `ozone-site.xml`: - -**Example 1: Single user** -```xml - - ozone.administrators - scm - -``` - -**Example 2: Multiple users** -```xml - - ozone.administrators - scm,hdfs - -``` - -**Example 3: Using groups** -```xml - - ozone.administrators.groups - ozone-admins,cluster-operators - -``` - -**Note**: `ozone-admins` and `cluster-operators` are example group names. Replace them with actual group names -from your environment. After updating the `ozone.administrators` and `ozone.administrators.groups` configuration, -restart the datanode service for the changes to take effect. - -## CLI Interface - -The DiskBalancer CLI provides the following commands: - -### Command Syntax - -**Start DiskBalancer:** -```bash -ozone admin datanode diskbalancer start [ ...] [OPTIONS] [--in-service-datanodes] -``` - -**Stop DiskBalancer:** -```bash -ozone admin datanode diskbalancer stop [ ...] [--in-service-datanodes] -``` - -**Update Configuration:** -```bash -ozone admin datanode diskbalancer update [ ...] [OPTIONS] [--in-service-datanodes] -``` - -**Get Status:** -```bash -ozone admin datanode diskbalancer status [ ...] [--in-service-datanodes] [--json] -``` - -**Get Report:** -```bash -ozone admin datanode diskbalancer report [ ...] [--in-service-datanodes] [--json] -``` - -### Command Options - -| Option | Description | Example | -|-------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------| -| `` | One or more datanode addresses as positional arguments. Addresses can be:
- Hostname (e.g., `DN-1`) - uses default CLIENT_RPC port (9858)
- Hostname with port (e.g., `DN-1:9858`)
- IP address (e.g., `192.168.1.10`)
- IP address with port (e.g., `192.168.1.10:9858`)
- Stdin (`-`) - reads datanode addresses from standard input, one per line | `DN-1`
`DN-1:9858`
`192.168.1.10`
`-` | -| `--in-service-datanodes` | It queries SCM for all IN_SERVICE datanodes and executes the command on all of them. | `--in-service-datanodes` | -| `--json` | Format output as JSON. | `--json` | -| `-t/--threshold` | Volume density threshold percentage (default: 10.0). Used with `start` and `update` commands. | `-t 5`
`--threshold 5.0` | -| `-b/--bandwidth-in-mb` | Maximum disk bandwidth in MB/s (default: 10). Used with `start` and `update` commands. | `-b 20`
`--bandwidth-in-mb 50` | -| `-p/--parallel-thread` | Number of parallel threads (default: 1). Used with `start` and `update` commands. | `-p 5`
`--parallel-thread 10` | -| `-s/--stop-after-disk-even` | Stop automatically after disks are balanced (default: false). Used with `start` and `update` commands. | `-s false`
`--stop-after-disk-even true` | - -### Examples - -```bash -# Start DiskBalancer on a specific datanode -ozone admin datanode diskbalancer start DN-1 - -# Start DiskBalancer on multiple datanodes -ozone admin datanode diskbalancer start DN-1 DN-2 DN-3 - -# Start DiskBalancer on all IN_SERVICE datanodes -ozone admin datanode diskbalancer start --in-service-datanodes - -# Start DiskBalancer with configuration parameters -ozone admin datanode diskbalancer start DN-1 -t 5 -b 20 -p 5 - -# Read datanode addresses from stdin -echo -e "DN-1\nDN-2" | ozone admin datanode diskbalancer start - - -# Get status as JSON -ozone admin datanode diskbalancer status --in-service-datanodes --json - -# Update configuration on specific datanode (partial update - only specified parameters are updated) -ozone admin datanode diskbalancer update DN-1 -b 50 -``` +The CLI supports: +- **Direct datanode addressing**: Commands can target specific datanodes by hostname or IP address +- **Batch operations**: The `--in-service-datanodes` flag queries SCM for all IN_SERVICE and HEALTHY datanodes and executes commands on all of them +- **Flexible input**: Datanode addresses can be provided as positional arguments or read from stdin +- **Output formats**: Results can be displayed in human-readable format or JSON for programmatic access ### Operational State Awareness @@ -244,17 +157,7 @@ This ensures DiskBalancer respects datanode lifecycle management and does not in ## Feature Flag -The Disk Balancer feature is introduced with a feature flag. By default, this feature is disabled. - -The feature can be enabled by setting the following property to `true` in the `ozone-site.xml` configuration file: -`hdds.datanode.disk.balancer.enabled = false` - -Developers who wish to test or use the Disk Balancer must explicitly enable it. Once the feature is -considered stable, the default value may be changed to `true` in a future release. - -**Note:** This command is hidden from the main help message (`ozone admin datanode --help`). This is because the feature -is currently considered experimental and is disabled by default. The command is, however, fully functional for those who -wish to enable and use the feature. +The DiskBalancer feature is gated behind a feature flag (`hdds.datanode.disk.balancer.enabled`) to allow controlled rollout. By default, the feature is disabled. When disabled, the DiskBalancer service is not initialized on datanodes, and the CLI commands are hidden from the main help output to prevent accidental usage. ## DiskBalancer Metrics diff --git a/hadoop-hdds/docs/content/feature/DiskBalancer.md b/hadoop-hdds/docs/content/feature/DiskBalancer.md index a6da09a554be..ac0ea9aa28e2 100644 --- a/hadoop-hdds/docs/content/feature/DiskBalancer.md +++ b/hadoop-hdds/docs/content/feature/DiskBalancer.md @@ -50,11 +50,33 @@ The feature can be **enabled** by setting the following property to `true` in th ### Authentication and Authorization -* **Authentication**: RPC authentication is required (e.g., via `kinit` in secure clusters). The client's identity is verified by the datanode's RPC layer. +DiskBalancer commands communicate directly with datanodes via RPC, requiring proper authentication and authorization configuration. -* **Authorization**: Each datanode performs authorization checks using `OzoneAdmins` based on the `ozone.administrators` configuration: - - **Admin operations** (start, stop, update): Require the user to be in `ozone.administrators` - - **Read-only operations** (status, report): Do not require admin privileges +#### Authentication Configuration + +In secure clusters with Kerberos enabled, the datanode must have its Kerberos principal configured for RPC authentication in `ozone-site.xml`: + +```xml + + hdds.datanode.kerberos.principal + dn/_HOST@REALM.TLD + + The Datanode service principal. This is typically set to + dn/_HOST@REALM.TLD. Each Datanode will substitute _HOST with its + own fully qualified hostname at startup. The _HOST placeholder + allows using the same configuration setting on all Datanodes. + + +``` + +**Note**: Without this configuration, DiskBalancer commands will fail with authentication errors in secure clusters. +The client uses this principal to verify the datanode's identity when establishing RPC connections. + +#### Authorization Configuration + +Each datanode performs authorization checks using `OzoneAdmins` based on the `ozone.administrators` configuration: +- **Admin operations** (start, stop, update): Require the user to be in `ozone.administrators` or belong to a group in `ozone.administrators.groups` +- **Read-only operations** (status, report): Do not require admin privileges - any authenticated user can query status and reports #### Default Behavior @@ -62,7 +84,7 @@ By default, if `ozone.administrators` is not configured, only the user who launc or update DiskBalancer. This means that in a typical deployment where the datanode runs as user `dn`, only that user has admin privileges for DiskBalancer operations. -#### Enabling Authentication for Additional Users +#### Enabling Authorization for Additional Users To allow other users to perform DiskBalancer admin operations (start, stop, update), configure the `ozone.administrators` property in `ozone-site.xml`: diff --git a/hadoop-hdds/docs/content/feature/DiskBalancer.zh.md b/hadoop-hdds/docs/content/feature/DiskBalancer.zh.md index c6915ac7902a..ab83c6e75382 100644 --- a/hadoop-hdds/docs/content/feature/DiskBalancer.zh.md +++ b/hadoop-hdds/docs/content/feature/DiskBalancer.zh.md @@ -44,13 +44,37 @@ summary: 数据节点的磁盘平衡器. 可以通过在“ozone-site.xml”配置文件中将以下属性设置为“true”来**启用**该功能: `hdds.datanode.disk.balancer.enabled = false` -## 身份验证和授权 +### 身份验证和授权 -* **身份验证**:需要 RPC 身份验证(例如,在安全集群中通过 `kinit`)。客户端的身份由数据节点的 RPC 层验证。 +DiskBalancer 命令通过 RPC 直接与数据节点通信,因此需要进行正确的身份验证和授权配置。 -* **授权**:每个数据节点都使用 `OzoneAdmins` 根据 `ozone.administrators` 配置执行授权检查: -- **管理操作**(启动、停止、更新):要求用户位于 `ozone.administrators` 成员中 -- **只读操作**(状态、报告):不需要管理员权限 +#### 身份验证配置 + +在启用了 Kerberos 的安全集群中,必须在 `ozone-site.xml` 文件中配置数据节点的 Kerberos 主体以进行 RPC 身份验证: + +```xml + +hdds.datanode.kerberos.principal +dn/_HOST@REALM.TLD + + The Datanode service principal. This is typically set to + dn/_HOST@REALM.TLD. Each Datanode will substitute _HOST with its + own fully qualified hostname at startup. The _HOST placeholder + allows using the same configuration setting on all Datanodes. + + + +``` + +**注意**:如果没有此配置,DiskBalancer 命令在安全集群中将因身份验证错误而失败。 客户端使用此主体在建立 RPC 连接时验证数据节点的身份。 + +#### 授权配置 + +每个数据节点都使用 `OzoneAdmins` 根据 `ozone.administrators` 配置执行授权检查: + +- **管理员操作**(启动、停止、更新):要求用户位于 `ozone.administrators` 成员列表中,或属于 `ozone.administrators.groups` 中的某个组。 + +- **只读操作**(状态、报告):不需要管理员权限 - 任何已认证的用户都可以查询状态和报告。 #### 默认行为 From 15e30ac008dd6833669d7514b0513acbd4c2ae32 Mon Sep 17 00:00:00 2001 From: Gargi Jaiswal Date: Wed, 3 Dec 2025 09:47:44 +0530 Subject: [PATCH 3/3] minor change in design doc --- hadoop-hdds/docs/content/design/diskbalancer.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hadoop-hdds/docs/content/design/diskbalancer.md b/hadoop-hdds/docs/content/design/diskbalancer.md index 1a05c35ed880..f546b5253d7a 100644 --- a/hadoop-hdds/docs/content/design/diskbalancer.md +++ b/hadoop-hdds/docs/content/design/diskbalancer.md @@ -120,7 +120,7 @@ containers repeatedly, it caches the list of containers for each volume which au used time or if the container iterator for that is invalidated on full utilisation. ## Security Design -DiskBalancer implements a two-tier security model: +DiskBalancer follows the same security model as other services: * **Authentication**: Clients communicate directly with datanodes via RPC. In secure clusters, RPC authentication is required (Kerberos).