Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Moving files and user files into an newly created encrypted hdfs folders

Solved Go to solution

Moving files and user files into an newly created encrypted hdfs folders

New Contributor

We have been using our cluster and now it is time to setup the encryption zones. 

This has brought up two issues.

  1. Files need to be copied from nonencrypted folders to encrypted folders. Here using hdfs dfs -cp fails, hadoop distcp -skipcrccheck -update fails, and hadoop distcp fails . How can files be copied into the newly created encrypted zones. 
  2. The hdfs user folder is populated with the admin our users and service users such as hdfs, hive, hue, impala, oozie, spark as well regular user directories. How should this folder be encrypted to not interfere with the services using it.  
1 ACCEPTED SOLUTION

Accepted Solutions

Re: Moving files and user files into an newly created encrypted hdfs folders

Cloudera Employee
1) The user copying files from the nonencrypted folders to the encrypted folders need to have read access on the nonencrypted files and write access to the encryption zone and need to be able to decrypt EEK. 2) A zone can contain files for groups of users or a single user, key release is controlled by KMS ACLS.
1 REPLY 1

Re: Moving files and user files into an newly created encrypted hdfs folders

Cloudera Employee
1) The user copying files from the nonencrypted folders to the encrypted folders need to have read access on the nonencrypted files and write access to the encryption zone and need to be able to decrypt EEK. 2) A zone can contain files for groups of users or a single user, key release is controlled by KMS ACLS.
Don't have an account?
Coming from Hortonworks? Activate your account here