Creating Subnet Whitelists

Provides the procedure necessary to restrict access to cluster data.

About this task

To provide additional cluster security, limit cluster data access to a whitelist of trusted subnets. The mfs.subnets.whitelist parameter in mfs.conf accepts a comma-separated list of subnets in CIDR notation. If this parameter is set, the FileServer service only accepts requests from the specified subnets.

Procedure

  1. Edit /opt/mapr/conf/mfs.conf and modify the mfs.subnets.whitelist parameter.
  2. Add a comma-separated list of subnets in CIDR notation.
  3. Restart the FileServer.