Encrypting Streams
Apply an additional layer of security to streams by encrypting them.
Before encrypting a stream, ensure that wire-level security is enabled for your MapR cluster. See Enabling and Disabling Security Features on Your Cluster.
You can encrypt streams with this command:
hadoop mfs -setnetworkencryption on <path of stream>
Streams inherit the value of the -setnetworkencryption
setting from the
directory in which they are created.
To find out whether a directory or stream is encrypted, run this command:
hadoop mfs -ls <path>
Example
Suppose that the streams that you want to encrypt are all in the /test
directory. You run this command to find out whether the directory is encrypted:
# hadoop mfs -lsd /test
Found 1 items
drwxr-xr-x Z U U - root root 0 2015-09-07 02:37 268435456 /test
p 2049.43.131260 localhost:5660
The second U after the permissions indicates that the directory test is unencrypted. So, you run this command:
hadoop mfs -setnetworkencryption on /test
You run the previous command again:
# hadoop mfs -lsd /test
Found 1 items
drwxr-xr-x Z E U - root root 0 2015-09-07 02:40 268435456 /test
p 2049.43.131260 localhost:5660
The U is now replaced by an E to indicate that the directory is now encrypted.