Setting Up Data at Rest Encryption for HDFS

This section describes how to enable end-to-end data encryption to-and-from HDFS. For optimal performance, High Availability (HA) is also provided.

Depending on your encryption key root trustee requirements, you can enable HDFS encryption as follows:

• Ranger Key Management Service backed by Database, which sources the encryption zone keys from a backing Database and includes HA.