Apache Kudu OverviewPDF version

Kudu security limitations

Here are some limitations related to data encryption and authorization in Kudu.

  • Kudu uses an internal PKI system to issue X.509 certificates to servers in the cluster. As a result, you cannot run Kudu with public IPs.

  • Server certificates generated by Kudu IPKI are incompatible with bouncycastle version 1.52 and earlier.

  • When you are creating a new Kudu service using the Ranger web UI, the Test Connection button is displayed. However, the TestConnection tab is not implemented in the Kudu Ranger plugin. As a result, if you try to use it with Kudu, it fails. But that does not mean that the service is not working.

We want your opinion

How can we improve this page?

What kind of feedback do you have?