Help Center> Database Security Service> FAQs> Operations> How Do I Add an HBase Database and Perform Audit?

Updated on 2024-04-16 GMT+08:00

View PDF

How Do I Add an HBase Database and Perform Audit?

An HBase database consists of an active master node, a standby master node, and multiple RegionServer nodes.

When auditing an HBase database, add its master node and RegionServer node as independent databases.

Constraints

Only the HBase (protobuf) format protocol is supported. The HBase (thrift) protocol is not supported.
Only the simple and kerberos authentication modes are supported.

Kerberos authentication applies to the following scenarios: authentication (authentication only), integrity (Authentication+Integrity check), and privacy (Authentication+Integrity check+Encryption).

Currently, Huawei Cloud supports only the authentication scenario.

The integrity and privacy scenarios are not supported.

Operation

An HBase database consists of an active master node, a standby master node, and two RegionServer nodes.

Active master node: IP address is 192.168.0.1 and service port number is 16000.
Standby master node: IP address is 192.168.0.2 and service port number is 16000.
RegionServer1 node: IP address is 192.168.0.3 and service port number is 16020.
RegionServer2 node: IP address is 192.168.0.4 and service port number is 16020.

When auditing this HBase database, you need to add four databases. The IP addresses and ports of the four databases are as follows:

192.168.0.1:16000 (corresponding to the active master node)
192.168.0.2:16000 (corresponding to the standby master node)
192.168.0.3:16020 (corresponding to the RegionServer1 node)
192.168.0.4:16020 (corresponding to the RegionServer2 node)

If there is no standby master node, you do not need to add the standby master database.

How Do I Use Audit the HBase Database in an MRS Cluster?

If an MRS cluster is created in the default mode, the cluster uses the "authentication + encryption" mode in Kerberos authentication. In this case, DBSS cannot audit the database. You need to change the authentication mode.

Change the authentication mode of an MRS cluster in the Kerberos authentication scenario:

Go to the cluster management page. On the FusionInsight Manager page, choose Cluster and click the name of the target cluster. Choose HBase > Configuration > Basic Configuration, locate the hbase.rpc.protection configuration item, and change its value.

Authentication methods corresponding to the value of hbase.rpc.protection:

authentication: Authentication only
integrity: Authentication + Integrity check
privacy: Authentication + Integrity check + Encryption

Parent topic: Operations

Operations FAQs

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot

more