No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


FusionInsight HD 6.5.0 Administrator Guide 02

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Introduction to Mutual Trust Relationships Between Clusters

Introduction to Mutual Trust Relationships Between Clusters

Function Description

By default, users of Huawei big data clusters in safe mode can only access resources in the cluster. In other clusters, they cannot perform identity authentication to access resources in safe mode. If users need to access resources in other clusters, they must configure mutual trust relationships between clusters.



The usage range of users in each cluster is called a domain. Each cluster must have a unique domain name. Cross-cluster access means users to be used across domains.

User Encryption

Cross-cluster mutual trust relationships can be configured by using FusionInsight Manager. The current Kerberos server supports only aes256-cts-hmac-sha1-96:normal and aes128-cts-hmac-sha1-96:normal. Encryption types for encrypting cross-domain users cannot be changed.

Mutual Trust Relationships Among Multiple Clusters

Each FusionInsight cluster can build mutual trust relationships with a maximum of 16 remote clusters. The remote clusters are not mutually trusted. You need to build the mutual trust relationships if necessary.

User Authentication

After the mutual trust relationships are built for clusters, users of the same name can access certain resources in two clusters. For example, both cluster A and cluster B have a user called 1, if user 1 in cluster A can access certain resources in cluster A, then user 1 can access the same resources in cluster B.

Direct Mutual Trust

When cross-cluster mutual trust relationships are built between two clusters, the system saves the mutual-trust receipts. Users can access the remote cluster through the mutual-trust receipts.

Updated: 2019-05-17

Document ID: EDOC1100074522

Views: 6157

Downloads: 12

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next