we have HDP cluster ( Hadoop cluster version 2.6.5 )
and we add the ranger and ranger KMS to the cluster as services
after adding the service - ranger KMS and do some settings
we performed the following
[hdfs@worker01 tmp]$ hdfs dfs -mkdir /zone_encr_1
[hdfs@worker01 tmp]$ hdfs crypto -createZone -keyName secret_hdp1 -path /zone_encr_1
Added encryption zone /zone_encr_1
[hdfs@worker01 tmp]$ hdfs dfs -copyFromLocal file.txt /zone_encr_1
[hdfs@worker01 tmp]$ hdfs dfs -cat /zone_encr_1/file.txt
hello every one
[hdfs@worker01 tmp]$ hdfs dfs -ls /zone_encr_1/file.txt
-rw-r--r-- 2 hdfs hdfs 23 2021-11-24 20:19 /zone_encr_1/file.txt
[hdfs@worker01 tmp]$ hdfs crypto -listZones
/zone_encr secret_hdp1
/zone_encr_new secret_hdp1
/zone_encr_1 secret_hdp1
as we can see above
first we create folder - /zone_encr_1 under hdfs
then
we add encryption to folder - /zone_encr_1
then
we copy from local folder the file - file.txt that include the text - "hello every one" to hdfs folder - /zone_encr_1
then
we do the test with `hdfs dfs -cat /zone_encr_1/file.txt`
and we expect to get encrypted file , but we not
we still get the file as
hello every one
since I just to learn the ranger KMS capabilities , I am not sure if I missed something
https://docs.cloudera.com/HDPDocuments/HDP2/HDP-2.6.1/bk_security/content/copy-to-from-encr-zone.htm...
Michael-Bronson
