6. Create Service Users and Groups

In general Hadoop services should be owned by specific users and not by root or application users. The table below shows typical users for Hadoop services. Identify the users that you want for your Hadoop services and the common Hadoop group and create these accounts on your system.

[Note]Note

If you are considering installing your cluster in secure mode, either at installation or at a later time, you need to understand the relationship between OS system service users and Kerberos principals. Hadoop uses group memberships of users at various places, such as to determine group ownership for files or for access control. In order for Hadoop to be able to connect a Kerberos principal with its respective OS system service user, a mapping must be created. For more information on this process, see Setting Up Security for Manual Installs

 

Table 1.1. Typical Service Users and Groups

Hadoop ServiceUserGroup

HDFS

hdfs

hadoop

MapReduce

mapred

hadoop

Hive

hive

hadoop

Pig

pig

hadoop

HCatalog/WebHCat

hcat

hadoop

HBase

hbase

hadoop

ZooKeeper

zookeeper

hadoop

Oozie

oozie

hadoop



loading table of contents...