Please see the 'Hadoop 2.6.x' bullet under http://hbase.apache.org/book.html#hadoop
FYI On Fri, Aug 18, 2017 at 10:25 AM, Saad Mufti <[email protected]> wrote: > Hi, > > I'm looking for some guidance as our security team is requiring us to > implement encryption of our HBase data at rest and in motion. I'm reading > the docs and doing research and the choice seems to be between doing it at > the HBase level or the more general HDFS level. > > I am leaning towards HDFS level as there is some other data that is derived > from HBase in HDFS and it would be nice to have that encrypted as well. > Once set up the encryption is supposed to transparent to clients. We're > still at HBase 1.0 level, we're using a Cloudera 5.5 based distribution but > no commercial license. For reasons I won't go into upgrading is not an > option in the short term and we need to implement encryption before that > > But I have a warning in a google groups somewhere (can't find it anymore) > that warns that HDFS level encryption doesn't play well with HBase if on > Hadoop 2.6.x, which we're at. Does anyone know the specific issue, or if > there is a specific ticket I can look at to see if our Hadoop distro > includes that fix? > > Also, out of the box the Key Management Server included in Hadoop is based > on a simple file based Java Keystore and there are warnings that it is not > suitable for production environments. Cloudera has their own proprietary > KMS but we don't have a license to it. Can anyone share what groups that > use pure open source distros are using as their KMS when implementing > encryption in production environments? > > Thanks in advance for any guidance you can provide. > > ---- > Saad >
