Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

 

 

Goals

  1. Explore CDAP entities and integrate them with Cloudera Hue

  2. Use Hue's admin interface to manage ACL for Apache Sentry

Checklist

  • User stories documented (Shenggu)
  • User stories reviewed (Nitin)
  • Design documented (Shenggu)
  • Design reviewed (Andreas)
  • Feature merged (Shenggu)
  • Integration tests (Shenggu)
  • Documentation for feature (Shenggu)
  • Blog post (Shenggu)

User Stories

  • As a Hue admin, I should be able to easily configure CDAP as a plugin app in the Hue system
  • As a CDAP admin, I should be able to explore all the entities of CDAP (ex: Namespaces, Streams, Programs etc.) in Cloudera Hue's admin UI.
  • As a CDAP admin, I should be able to perform all the ACL management operations provided by Apache Sentry also in Cloudera Hue's admin UI.

Scenerios


Design

The system utilize the Cloudera Hue's interface to manage the access control configuration between CDAP and Apache Sentry. The Hue itself does not store any state during this process.

Logic view of the system

 

As shown in the above diagram, the CDAP and SENTRY support are configured as a plugin app installed in the Hue system. Hue's front system is implemented in Django, which provides good isolation and extension for multiple apps running together in a web service. A separate panel section will be created in the Hue's default UI for related operations. This app will communicate with the CDAP system through CDAP's restful api service. All the live entities will be displayed in Hue's UI. Communication with Apache SENTRY is enabled by SENTRY's thrift service. When admin grants/ evokes certain privileges through the Hue UI, it will be propagated to the SENTRY system and take effects on the further request coming from CDAP. 

 

UI Mockup

 

Configuration

 

Prototype


 

 

  • No labels