Speaker
Description
The interest in using big data solutions based on Hadoop, Kafka and Spark ecosystem is constantly growing in the HEP community, in particular, for use cases related to data analytics and data warehousing. Many distributed system services use Zookeeper as their means for coordination and metadata storage. However, on many occasions, this service is either deployed insecurely or easily becomes a vulnerable setup.
In this context, we developed zkpolicy, an opensource tool for Zookeeper metadata auditing and policy enforcement.
The tool allows validating the ownership and ACLs of the information stored in this metadata service with the ability to align with a pre-defined policy. Zkpolicy is currently used in production by the IT department at CERN providing more security and best practices for Kafka and Hadoop central services.
In this presentation, I will present the zkpolicy tool, the motivation for its development and use cases at CERN and beyond.
| Desired slot length | 15 |
|---|---|
| Speaker release | Yes |
