Help Center/ MapReduce Service/ User Guide (Ankara Region)/ Overview/ Components/ FTP-Server/ FTP-Server Basic Principles
Updated on 2024-11-29 GMT+08:00
View PDF
Share

FTP-Server Basic Principles

Overview

FTP-Server is a pure Java File Transfer Protocol (FTP) service based on the existing open FTP protocol. FTP-Server supports FTP and FTP over SSL (FTPS). Each FTP-Server service supports port and passive data transmission modes. You can perform operations, such as uploading or downloading files, viewing, creating, or deleting directories, and modifying file access permissions, on HDFS through an FTP client.

  • Supports FTPS. FTPS-based data transmission is encrypted to ensure security. FTP has security risks. It is recommended that FTPS be used.
  • Supports port and passive data transmission modes.
  • Performs user authentication by using the Kerberos authentication service provided by a cluster.

FTP-Server structure

The FTP-Server service consists of multiple FTP-Server or FTPS-Server processes, as shown in Figure 1.

The FTP-Server service can be deployed on multiple nodes. Each node has only one FTP-Server instance, and each instance has only one FTP-Server process.

Figure 1 FTP-Server structure

FTP Client

The FTP client is used to access the FTP server to upload and download data. The FTP client is integrated into service applications.

FTP Server

The FTP server provides standard FTP APIs externally for FTP clients to access the HDFS system. The FTP server provides most of the FTP commands.

The basic MRS services implement underlying services of FTP servers. That is, the Kerberos security authentication service implements user management, the HDFS service implements data storage, and the OMS service implements service configuration.

Basic Servers

The FTP server provides the following basic services:

  • Kerberos security service: supports FTP user management and user login.
  • HDFS: implements data storage.
  • OMS: configures FTP service parameters and enables or disables FTP services.

Principle

Figure 2 shows the FTP-Server data access process.

Figure 2 FTP-Server data access process
  1. An FTP client connects to the FTP server using the FTP service IP address and port number.
  2. The FTP server uses the information to perform user authentication on the Kerberos module.
  3. After the authentication succeeds, the FTP server accesses HDFS and returns the file information to the client.
  4. The FTP client uses the standard FTP to upload and download files and manage HDFS file directories.

Security

FTP communication is not encrypted, so that the content, username, password, and transmission data are easily stolen. Therefore, FTPS is recommended to be used in untrusted networks. MRS provides FTP-Server to support basic enterprise and financial applications. FTPS allows data to be encrypted during transmission, effectively preventing information leakage. When the client uses FTPS, only the implicit FTP over TLS encryption mode is supported.

The FTP-Server process of FTP is disabled by default. The administrator can enable it on the FTP service configuration window. A connection can be created (using the business IP address) only after the service is restarted.

Each node supports 16 FTP/FTPS (user or client) connections by default. To satisfy performance requirements, FTPS is recommended to be used with the command channel encrypted but the data channel not encrypted.

Parent topic: FTP-Server