Introduction to Mutual Trust Relationships Between Clusters
Function Description
By default, users of big data clusters in safe mode can only access resources in the cluster. In other clusters, they cannot perform identity authentication to access resources in safe mode.
Features
- Domain
The usage range of users in each system is called a domain. Each Manager system must have a unique domain name. Cross-Manager access means users to be used across domains.
- User Encryption
Cross-Manager mutual trust relationships can be configured by using FusionInsight Manager. The current Kerberos server supports only aes256-cts-hmac-sha1-96:normal and aes128-cts-hmac-sha1-96:normal. Encryption types for encrypting cross-domain users cannot be changed.
- User Authentication
After cross-manager mutual trust is configured, if a user with the same name exists in the two systems and the user with the same name in the peer system has the permission to access a resource in the system, the current system user can access the remote resource.
- Direct Mutual Trust
When cross-cluster mutual trust relationships are built between two clusters, the system saves the mutual-trust receipts. Users can access the remote system through the mutual-trust receipts.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
