Support Questions

MiniFigAdam2 · ‎03-21-2016

We have been using our cluster and now it is time to setup the encryption zones.

This has brought up two issues.

Files need to be copied from nonencrypted folders to encrypted folders. Here using hdfs dfs -cp fails, hadoop distcp -skipcrccheck -update fails, and hadoop distcp fails . How can files be copied into the newly created encrypted zones.
The hdfs user folder is populated with the admin our users and service users such as hdfs, hive, hue, impala, oozie, spark as well regular user directories. How should this folder be encrypted to not interfere with the services using it.

attilabukor · ‎04-05-2016

1) The user copying files from the nonencrypted folders to the encrypted folders need to have read access on the nonencrypted files and write access to the encryption zone and need to be able to decrypt EEK. 2) A zone can contain files for groups of users or a single user, key release is controlled by KMS ACLS.

View solution in original post

attilabukor · ‎04-05-2016

1) The user copying files from the nonencrypted folders to the encrypted folders need to have read access on the nonencrypted files and write access to the encryption zone and need to be able to decrypt EEK. 2) A zone can contain files for groups of users or a single user, key release is controlled by KMS ACLS.

Cloudera Community

Support Questions

Moving files and user files into an newly created encrypted hdfs folders