This is an automated email from the ASF dual-hosted git repository.
weichiu pushed a commit to branch HDDS-9225-website-v2
in repository https://gitbox.apache.org/repos/asf/ozone-site.git
The following commit(s) were added to refs/heads/HDDS-9225-website-v2 by this
push:
new dda9145ab HDDS-14270. [Website v2] [Docs] [Administrator Guide]
Configuring Hadoop RPC With SASL (#193)
dda9145ab is described below
commit dda9145ab24e3c4b944982344f643ea0836a3a04
Author: KUAN-HAO HUANG <[email protected]>
AuthorDate: Fri Jan 2 11:04:05 2026 +0800
HDDS-14270. [Website v2] [Docs] [Administrator Guide] Configuring Hadoop
RPC With SASL (#193)
---
.../01-network-encryption/01-hadoop-rpc.md | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git
a/docs/05-administrator-guide/02-configuration/03-security/05-encryption/01-network-encryption/01-hadoop-rpc.md
b/docs/05-administrator-guide/02-configuration/03-security/05-encryption/01-network-encryption/01-hadoop-rpc.md
index 918f5effe..95a1d7422 100644
---
a/docs/05-administrator-guide/02-configuration/03-security/05-encryption/01-network-encryption/01-hadoop-rpc.md
+++
b/docs/05-administrator-guide/02-configuration/03-security/05-encryption/01-network-encryption/01-hadoop-rpc.md
@@ -4,4 +4,21 @@ sidebar_label: Hadoop RPC
# Configuring Hadoop RPC With SASL
-**TODO:** File a subtask under
[HDDS-9859](https://issues.apache.org/jira/browse/HDDS-9859) and complete this
page or section.
+Ozone traffic may be transferred via Hadoop RPC for client-to-OM (Ozone
Manager) communication. To encrypt client-OM communication, configure
`hadoop.rpc.protection` to `privacy` in your `core-site.xml`. This ensures that
all data exchanged over Hadoop RPC is encrypted.
+
+Hadoop RPC is encrypted using the algorithm selected by the Java SASL, which
is typically 3DES or RC4. Note that the Hadoop RPC throughput may drop due to
encryption overhead.
+
+For more information, check out [Hadoop in Secure
Mode](https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/SecureMode.html).
+
+```xml
+<property>
+ <name>hadoop.rpc.protection</name>
+ <value>privacy</value>
+</property>
+```
+
+## OM Transport Class
+
+The default transport class for communication with the Ozone Manager (OM) is
`org.apache.hadoop.ozone.om.protocolPB.Hadoop3OmTransportFactory`. However,
users can configure the system to use a gRPC-based transport class for
client-to-OM communication by setting the `ozone.om.transport.class`
configuration property to
`org.apache.hadoop.ozone.om.protocolPB.GrpcOmTransportFactory`.
+
+In this case, the Hadoop RPC encryption configuration is not applicable. Refer
to the [Configuring gRPC With TLS](./02-grpc.md) page to encrypt gRPC-based
communication.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
