On Fri, Apr 29, 2016 at 6:24 PM 张铎 <palomino...@gmail.com> wrote:
> Yes, it does. There is testcase that enumerates all the possible protection > level(authentication, integrity and privacy) and encryption algorithm(none, > 3des, rc4). > > > https://github.com/apache/hbase/blob/master/hbase-server/src/test/java/org/apache/hadoop/hbase/io/asyncfs/TestSaslFanOutOneBlockAsyncDFSOutput.java > > I have also tested it in a secure cluster(hbase-2.0.0-SNAPSHOT and > hadoop-2.4.0). > Thanks. Can you add in support for testing with AES (dfs.encrypt.data.transfer.cipher.suites=AES/CTR/NoPadding)? This is only available in Hadoop 2.6.0+, but I think is far more likely to be used in production than 3des or rc4. Also, have you been following HADOOP-10768? That is changing Hadoop RPC encryption negotiation to support more performant AES wrapping, similar to what is now supported in the data transfer pipeline.
