[
https://issues.apache.org/jira/browse/HAWQ-1510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16143442#comment-16143442
]
Hongxu Ma commented on HAWQ-1510:
---------------------------------
Note:
create encryption zone need hdfs **superuser privilege**.
so if hawq user and hdfs superuser is not the same one, you should create the
encryption zone on hawq directory manually before running hawq-init script.
> Add TDE-related functionality into hawq command line tools
> ----------------------------------------------------------
>
> Key: HAWQ-1510
> URL: https://issues.apache.org/jira/browse/HAWQ-1510
> Project: Apache HAWQ
> Issue Type: Sub-task
> Components: Command Line Tools
> Reporter: Hongxu Ma
> Assignee: Hongxu Ma
> Fix For: 2.3.0.0-incubating
>
>
> 1, hawq init
> the only way to enable tde in hawq:
> user should give a key name(already created by hadoop key command) parameter
> when execuate the init command, it makes the whole hawq_default directory as
> an encryption zone.
> note:
> cannot support transfer the existed(and non-empty) hawq_default directory
> into an encryption zone.
> command:
> {code}
> hawq init cluster --tde_keyname key_demo
> {code}
> -2, hawq state-
> -show the encryption zone info if user enable tde in hawq.-
> 3, hawq register
> cannot register file in different encryption zones / un-encryption zones.
> 4, hawq extract
> give user a warning of the table data is stored in encryption zone if user
> enable tde in hawq.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
