Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

HDF for teeing encrypted data?

avatar
author-rank rbiswas1
Guru

Created ‎07-12-2016 03:04 PM

Hi,

How does HDF handle teeing of encrypted data from PORD to DR?

Anything special hat needs to be done in terms of key management/decrypt process?

Thanks

1,304 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank egarelnabi
Guru

Created ‎12-16-2016 07:58 AM

@rbiswas

If you just use GetHDFS processor it should decrypt the data before moving it to DR (assuming it has the necessary read permissions), and once there, you can write it to an encryption zone. The data in-flight will be decrypted though.

Alternatively you can copy the data in it's encrypted form. You'd need to share the keys between the clusters and use HDF or DistCP to copy the files from the "/.reserved/..." folder rather than the regular folder. Take a look at the article below for clarification:

https://community.hortonworks.com/articles/51909/how-to-copy-encrypted-data-between-two-hdp-cluster....

View solution in original post

1,157 Views
0 Kudos
3 REPLIES 3

avatar
author-rank egarelnabi
Guru

Created ‎12-16-2016 07:58 AM

@rbiswas

If you just use GetHDFS processor it should decrypt the data before moving it to DR (assuming it has the necessary read permissions), and once there, you can write it to an encryption zone. The data in-flight will be decrypted though.

Alternatively you can copy the data in it's encrypted form. You'd need to share the keys between the clusters and use HDF or DistCP to copy the files from the "/.reserved/..." folder rather than the regular folder. Take a look at the article below for clarification:

https://community.hortonworks.com/articles/51909/how-to-copy-encrypted-data-between-two-hdp-cluster....

1,158 Views
0 Kudos

avatar
author-rank rbiswas1
Guru

Created ‎12-16-2016 04:10 PM

@Eyad Garelnabi

Thank you.

One question did you tested the GetHDFS processor for fetching from an encrypted zone?

1,157 Views
0 Kudos

avatar
author-rank egarelnabi
Guru

Created ‎12-16-2016 05:12 PM

I haven't tested it, but I don't believe it should be an issue since the decryption should happen transparently by the platform, before the data is passed to the processor.

1,157 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements