Hadoop Security Guide
Also available as:
PDF
loading table of contents...

Enabling RPC Encryption

The most common way for a client to interact with a Hadoop cluster is through RPC. A client connects to a NameNode over RPC protocol to read or write a file. RPC connections in Hadoop use the Java Simple Authentication and Security Layer (SASL) which supports encryption. When the hadoop.rpc.protection property is set to privacy, the data over RPC is encrypted with symmetric keys.

[Note]Note

RPC encryption covers not only the channel between a client and a Hadoop cluster but also the inter-cluster communication among Hadoop services.

Enable Encrypted RPC by setting the following properties in core-site.xml.

hadoop.rpc.protection=privacy

(Also supported are the ‘authentication’ and ‘integrity’ settings.)