Creating Subnet Whitelists

Provides the procedure necessary to restrict access to cluster data.

To provide additional cluster security, you can limit cluster data access to a whitelist of trusted subnets. The mfs.subnets.whitelist parameter in mfs.conf accepts a comma-separated list of subnets in CIDR notation. When this parameter is set, the FileServer service only accepts requests from the specified subnets.

  1. Edit /opt/mapr/conf/mfs.conf and modify the mfs.subnets.whitelist parameter.
  2. Add a comma-separated list of subnets in CIDR notation.
  3. Restart the FileServer.