Cisco Cisco Workload Automation 6.3 User Guide

Configuring the MapReduce Adapter

Securing the Adapter

Click the 

 tab. If your Hadoop cluster is Kerberos secured, the Kerberos Principal and Kerberos Key Tab 

file is required. The Kerberos principal specifies a unique identity to which Kerberos can assign tickets. The Key Tab 
file is relative to the Master's file system and contains one or more Kerberos principals with their defined access to 
Hadoop.

The figure above shows the case for a Windows CWA master where “\\” are uses as path separator. For Unix, 

the separator will be “/”.

Click 

 to add or save the user record in the CWA database.

For further information about the 

dialog box, see your Cisco Workload Automation User Guide.

Authorizing Schedulers to Work With MapReduce Adapter Jobs

There are two steps involved in authorizing schedulers to work with MapReduce Adapter jobs:





Defining a Security Policy

Access to the MapReduce environment is controlled by assigning a MapReduce security policy with specified privileges 
to user accounts. The system administrator should create a new security policy or edit an existing policy in Scheduler as 
described below, that in addition to the normal user privileges, includes the capability to add and/or edit MapReduce 
jobs.

A user whose assigned security policy does not include MapReduce privileges cannot create and/or run MapReduce 
jobs.

From the 

 pane, select 

 to display the 

pane.

Right-click 

 and select 

 from the context menu. You can also right-click to 

select an existing security policy in the 

 pane and select 

.

If adding a new policy, click in the 

 field and enter a name for the policy.

On the 

 page, scroll to the 

 category, click the ellipses on the right-hand side of the 

dialog box and select the check boxes next to the functions that are to be authorized under this policy (

, 

, 

 and 

).

Click 

 on the 

 drop-down list.