Encryption
Kudu allows you to use TLS to encrypt all communications among servers, and between clients and servers.
Configure
TLS encryption on Kudu servers using the
--rpc_encryption flag, which can be set to one of the following options:-
required- Kudu will reject unencrypted connections. -
optional- Kudu will attempt to use encryption, but will allow unencrypted connections. -
disabled- Kudu will not use encryption.
optional. To secure your cluster, set --rpc_encryption to required. Web UI encryption
The Kudu web UI can be configured to use secure HTTPS encryption by providing each server
with TLS certificates. Use the --webserver_certificate_file and --webserver_private_key_file properties to specify the certificate and private
key to be used for communication.
Alternatively, you can choose to completely disable the web UI by
setting --webserver_enabled flag to false on the Kudu servers.
