vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/mrs/component-operation-guide/mrs_01_1608.html
Yang, Tong 6182f91ba8 MRS component operation guide_normal 2.0.38.SP20 version 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Yang, Tong <yangtong2@huawei.com>
Co-committed-by: Yang, Tong <yangtong2@huawei.com>
2022-12-09 14:55:21 +00:00

66 lines
14 KiB
HTML
Raw Blame History

<a name="mrs_01_1608"></a><a name="mrs_01_1608"></a>
<h1 class="topictitle1">Creating HBase Roles</h1>
<div id="body1595926919547"><div class="section" id="mrs_01_1608__s068dac6f5fd54af79001ce4fe1b9a8b1"><h4 class="sectiontitle">Scenario</h4><p id="mrs_01_1608__a6ab4909b056b40e4a00dfe5470f9c7c4">This section guides the system administrator to create and configure an HBase role on Manager. The HBase role can set HBase administrator permissions and read (R), write (W), create (C), execute (X), or manage (A) permissions for HBase tables and column families.</p>
</div>
<p id="mrs_01_1608__ae1a8510dc5714418817c4abe098fa48c">Users can create a table, query/delete/insert/update data, and authorize others to access HBase tables after they set the corresponding permissions for the specified databases or tables on HDFS.</p>
<div class="note" id="mrs_01_1608__nb17b22afdff9426a82d4f7019f167753"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="mrs_01_1608__ul188791828683"><li id="mrs_01_1608__li73291107720">This section applies to MRS 3.<em id="mrs_01_1608__i191961672570">x</em> or later clusters.</li><li id="mrs_01_1608__li1687920281813">HBase roles can be created in security mode, but cannot be created in normal mode.</li><li id="mrs_01_1608__li11879128287">If the current component uses Ranger for permission control, you need to configure related policies based on Ranger for permission management. For details, see <a href="mrs_01_1857.html">Adding a Ranger Access Permission Policy for HBase</a>.</li></ul>
</div></div>
<div class="section" id="mrs_01_1608__s1bcc316cdf0d4c8393088695f012466e"><h4 class="sectiontitle">Prerequisites</h4><ul id="mrs_01_1608__u8b17ec54ddd54ae48f8a71bd33901d48"><li id="mrs_01_1608__lb6b9e7ed22854027bc2eae1d44881214">The system administrator has understood the service requirements.</li></ul>
</div>
<ul id="mrs_01_1608__ubef9217b866340068c3f0122c35ab190"><li id="mrs_01_1608__leade52010d74405a8f76b0060ecb0e05">You have logged in to Manager.</li></ul>
<div class="section" id="mrs_01_1608__s662ce3846152499784251bb7c911f342"><h4 class="sectiontitle">Procedure</h4><ol id="mrs_01_1608__o186f566d69ae42dc8eb85a2b1ce63220"><li id="mrs_01_1608__l7bf2fec327e64c74a810a6d9868dccc2"><span>On Manager, choose <strong id="mrs_01_1608__b754655116381">System </strong>&gt; <strong id="mrs_01_1608__b6546175113812">Permission </strong>&gt; <strong id="mrs_01_1608__b454717512383">Role</strong>.</span></li><li id="mrs_01_1608__l384619f400714a499acf3f190486b551"><span>On the displayed page, click <strong id="mrs_01_1608__b961616562527">Create Role</strong> and enter a <strong id="mrs_01_1608__b1462119563523">Role Name</strong> and <strong id="mrs_01_1608__b2621175645214">Description</strong>.</span></li><li id="mrs_01_1608__l8c8314cfaae741fdb765b123d68968a9"><span>Set <strong id="mrs_01_1608__b111045015531">Permission</strong>. For details, see <a href="#mrs_01_1608__t873a9c44357b40cd98cb948ce9438d93">Table 1</a>.</span><p><p id="mrs_01_1608__afcc0faa989194357a61da9de3606ab8a">HBase permissions:</p>
<ul id="mrs_01_1608__u3431e698392949ebb0755cca3cf8fe7e"><li id="mrs_01_1608__l7bb92b4600e34a61b96fc8f208ce13f0">HBase Scope: Authorizes HBase tables. The minimum permission is read (R) and write (W) for columns.</li><li id="mrs_01_1608__l320823236dd145a9a71786cc613c0046">HBase administrator permission: HBase administrator permissions.</li></ul>
<div class="note" id="mrs_01_1608__na729c53cc400401e8a4e9fb35dc24ed4"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="mrs_01_1608__a89da7254c1b64e34bf54ebbaae231308">Users have the read (R), write (W), create (C), execute (X), and administrate (A) permissions for the tables created by themselves.</p>
</div></div>
<div class="tablenoborder"><a name="mrs_01_1608__t873a9c44357b40cd98cb948ce9438d93"></a><a name="t873a9c44357b40cd98cb948ce9438d93"></a><table cellpadding="4" cellspacing="0" summary="" id="mrs_01_1608__t873a9c44357b40cd98cb948ce9438d93" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Setting a role</caption><thead align="left"><tr id="mrs_01_1608__r22d8abe0340447d689b9e0e015272547"><th align="left" class="cellrowborder" valign="top" width="30.259999999999998%" id="mcps1.3.6.2.3.2.4.2.3.1.1"><p id="mrs_01_1608__ac6fb62376c174fb5a3fc46f3ac6455d4">Task</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="69.74000000000001%" id="mcps1.3.6.2.3.2.4.2.3.1.2"><p id="mrs_01_1608__aa62388fc922c4b9d9bf078faefd25db3">Role Authorization</p>
</th>
</tr>
</thead>
<tbody><tr id="mrs_01_1608__row62954416143450"><td class="cellrowborder" valign="top" width="30.259999999999998%" headers="mcps1.3.6.2.3.2.4.2.3.1.1 "><p id="mrs_01_1608__p39209373143450">Setting the HBase administrator permission</p>
</td>
<td class="cellrowborder" valign="top" width="69.74000000000001%" headers="mcps1.3.6.2.3.2.4.2.3.1.2 "><p id="mrs_01_1608__p17770765143450">In <strong id="mrs_01_1608__b13368344145319">Configure Resource Permission</strong>, choose <em id="mrs_01_1608__i53731544185312">Name of the desired cluster</em> &gt; <strong id="mrs_01_1608__b18373344125318">HBase</strong> and select <strong id="mrs_01_1608__b193731344145314">HBase Administrator Permission</strong>.</p>
</td>
</tr>
<tr id="mrs_01_1608__r5dfed8c26b5f4a208625be1492d26005"><td class="cellrowborder" valign="top" width="30.259999999999998%" headers="mcps1.3.6.2.3.2.4.2.3.1.1 "><p id="mrs_01_1608__a41b42dfe116b448e9c83482bba5070b3">Setting the permission for users to create tables</p>
</td>
<td class="cellrowborder" valign="top" width="69.74000000000001%" headers="mcps1.3.6.2.3.2.4.2.3.1.2 "><ol type="a" id="mrs_01_1608__o637a274405c540a28eb3e2d9087eae63"><li id="mrs_01_1608__l384a221a63e744c788e6207e93b71986">In <strong id="mrs_01_1608__b36901959145313">Configure Resource Permission</strong>, choose <em id="mrs_01_1608__i1169519593532">Name of the desired cluster</em> &gt; <strong id="mrs_01_1608__b4695125945313">HBase</strong> &gt; <strong id="mrs_01_1608__b106956592531">HBase Scope</strong>.</li><li id="mrs_01_1608__l5066d959948d48cba14ef10e903dde48">Click <strong id="mrs_01_1608__b578645135412">global</strong>.</li><li id="mrs_01_1608__l6d4a03000372452ab514c85d316bde81">In the <strong id="mrs_01_1608__b1862018735413">Permission</strong> column of the specified namespace, select <strong id="mrs_01_1608__b19620127135419">Create</strong> and <strong id="mrs_01_1608__b7621871546">Execute</strong>. For example, select <strong id="mrs_01_1608__b8381894548">Create</strong> and <strong id="mrs_01_1608__b93811699545">Execute</strong> for the default namespace <strong id="mrs_01_1608__b23811198543">default</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_1608__ra5f354c6849d44edbeed327936919363"><td class="cellrowborder" valign="top" width="30.259999999999998%" headers="mcps1.3.6.2.3.2.4.2.3.1.1 "><p id="mrs_01_1608__a6c2cafda8f5b409ba74b68582842934f">Setting the permission for users to write data to tables</p>
</td>
<td class="cellrowborder" valign="top" width="69.74000000000001%" headers="mcps1.3.6.2.3.2.4.2.3.1.2 "><ol type="a" id="mrs_01_1608__ob98db7ec463946fab48b32af2a41711a"><li id="mrs_01_1608__l03667d6b1cc545f2afd38f8a5cd4606b">In <strong id="mrs_01_1608__b8249101320545">Configure Resource Permission</strong>, choose <em id="mrs_01_1608__i172543139544">Name of the desired cluster</em> &gt; <strong id="mrs_01_1608__b13254101314544">HBase</strong> &gt; <strong id="mrs_01_1608__b152541413195412">HBase Scope</strong> &gt; <strong id="mrs_01_1608__b3255181311548">global</strong>.</li><li id="mrs_01_1608__l4a0d53c830f2446ebf4750f4e136bbfa">In the <strong id="mrs_01_1608__b8864152375411">Permission</strong> column of the specified namespace, select <strong id="mrs_01_1608__b19869523115415">Write</strong>. For example, select <strong id="mrs_01_1608__b1050162611549">Write</strong> for the default namespace <strong id="mrs_01_1608__b1750102614549">default</strong>. By default, HBase sub-objects inherit the permission from the parent object.</li></ol>
</td>
</tr>
<tr id="mrs_01_1608__r6c36edec31fa430c91f7ad84f3e9a0ff"><td class="cellrowborder" valign="top" width="30.259999999999998%" headers="mcps1.3.6.2.3.2.4.2.3.1.1 "><p id="mrs_01_1608__adaee6dab764348d083aca4da79c6e99b">Setting the permission for users to read data from tables</p>
</td>
<td class="cellrowborder" valign="top" width="69.74000000000001%" headers="mcps1.3.6.2.3.2.4.2.3.1.2 "><ol type="a" id="mrs_01_1608__oa30fe88c86374c54947cf54944c691b6"><li id="mrs_01_1608__l374d3dba48e64537b241bf94ec30801d">In <strong id="mrs_01_1608__b597693318542">Configure Resource Permission</strong>, choose <em id="mrs_01_1608__i1098083318547">Name of the desired cluster</em> &gt; <strong id="mrs_01_1608__b19811633175410">HBase</strong> &gt; <strong id="mrs_01_1608__b2981333155415">HBase Scope</strong> &gt; <strong id="mrs_01_1608__b139810333548">global</strong>.</li><li id="mrs_01_1608__l46767bbcdcb94d5497c5e96f162c1d9f">In the <strong id="mrs_01_1608__b15392144045416">Permission</strong> column of the specified namespace, select <strong id="mrs_01_1608__b1539754055418">Read</strong>. For example, select <strong id="mrs_01_1608__b24984285414">Read</strong> for the default namespace <strong id="mrs_01_1608__b4491442165410">default</strong>. By default, HBase sub-objects inherit the permission from the parent object.</li></ol>
</td>
</tr>
<tr id="mrs_01_1608__r95be17dbfe5646919d7299c1e229900e"><td class="cellrowborder" valign="top" width="30.259999999999998%" headers="mcps1.3.6.2.3.2.4.2.3.1.1 "><p id="mrs_01_1608__ad1db0bbdb9ec47cd95f0101bcc3f8699">Setting the permission for users to manage namespaces or tables</p>
</td>
<td class="cellrowborder" valign="top" width="69.74000000000001%" headers="mcps1.3.6.2.3.2.4.2.3.1.2 "><ol type="a" id="mrs_01_1608__o4fec88099543498580262f53621ac547"><li id="mrs_01_1608__ld628e0601f394e0482b35235db48e73a">In <strong id="mrs_01_1608__b299614811545">Configure Resource Permission</strong>, choose <em id="mrs_01_1608__i141249185419">Name of the desired cluster</em> &gt; <strong id="mrs_01_1608__b202449105416">HBase</strong> &gt; <strong id="mrs_01_1608__b1321949185417">HBase Scope</strong> &gt; <strong id="mrs_01_1608__b132164918549">global</strong>.</li><li id="mrs_01_1608__la16ab980af6741398fde730b72f26847">In the <strong id="mrs_01_1608__b146981455185414">Permission</strong> column of the specified namespace, select <strong id="mrs_01_1608__b1170365516543">Manage</strong>. For example, select <strong id="mrs_01_1608__b142611610145510">Manage</strong> for the default namespace <strong id="mrs_01_1608__b1026641035518">default</strong>.</li></ol>
</td>
</tr>
<tr id="mrs_01_1608__rd18a916a62e0438291e70f9ddf14c7e7"><td class="cellrowborder" valign="top" width="30.259999999999998%" headers="mcps1.3.6.2.3.2.4.2.3.1.1 "><p id="mrs_01_1608__acbb7239ce1a54b668354ecfc89b0b91a">Setting the permission for reading data from or writing data to columns</p>
</td>
<td class="cellrowborder" valign="top" width="69.74000000000001%" headers="mcps1.3.6.2.3.2.4.2.3.1.2 "><ol type="a" id="mrs_01_1608__o72c9dd86625646509cffe6de230c4c75"><li id="mrs_01_1608__lacf518358f7f4604a3088bd2bdfb44e6">In <strong id="mrs_01_1608__b582071545517">Configure Resource Permission</strong>, select <em id="mrs_01_1608__i4825715125513">Name of the desired cluster</em> &gt; <strong id="mrs_01_1608__b682615155559">HBase</strong> &gt; <strong id="mrs_01_1608__b58269156558">HBase Scope</strong> &gt; <strong id="mrs_01_1608__b78261415195520">global</strong> and click the specified namespace to display the tables in the namespace.</li><li id="mrs_01_1608__lf5774f73f6214920aa4ab6398a119d1a">Click a table.</li><li id="mrs_01_1608__li205811840135312">Click a column family.</li><li id="mrs_01_1608__lf186cf6ddfee4ca98d6c310b519c2ac8">Confirm whether you want to create a role?<ul id="mrs_01_1608__u11d02b0facb24f5d9b3a9fb47bf4de67"><li id="mrs_01_1608__l0d7ebe4b05274889a6d3a7b168d0327b">If yes, enter the column name in the <strong id="mrs_01_1608__b38631924175520">Resource Name</strong> text box. Use commas (,) to separate multiple columns. Select <strong id="mrs_01_1608__b1868524185515">Read</strong> or <strong id="mrs_01_1608__b2086812420556">Write</strong>. If there are no columns with the same name in the HBase table, a newly created column with the same name as the existing column has the same permission as the existing one. The column permission is set successfully.</li><li id="mrs_01_1608__l09c13fe9249f4510ab837021c8422483">If no, modify the column permission of the existing HBase role. The columns for which the permission has been separately set are displayed in the table. Go to <a href="#mrs_01_1608__lc2f15302f1854175993f36524c25bf26">5</a>.</li></ul>
</li><li id="mrs_01_1608__lc2f15302f1854175993f36524c25bf26"><a name="mrs_01_1608__lc2f15302f1854175993f36524c25bf26"></a><a name="lc2f15302f1854175993f36524c25bf26"></a>To add column permissions for a role, enter the column name in the <strong id="mrs_01_1608__b677525645517">Resource Name</strong> text box and set the column permissions. To modify column permissions for a role, enter the column name in the <strong id="mrs_01_1608__b6899359105510">Resource Name</strong> text box and set the column permissions. Alternatively, you can directly modify the column permissions in the table. If the column permissions are modified in the table and column permissions with the same name are added, the settings cannot be saved. You are advised to modify the column permission of a role directly in the table. The search function is supported.</li></ol>
</td>
</tr>
</tbody>
</table>
</div>
</p></li><li id="mrs_01_1608__l3b336e62e45d4280a9b00c7c43697cfa"><span>Click <strong id="mrs_01_1608__b78859812569">OK</strong>, and return to the <strong id="mrs_01_1608__b1489010845618">Role</strong> page.</span></li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="mrs_01_0500.html">Using HBase</a></div>
</div>
</div>
View Git Blame Copy Permalink