Configuring TLS/SSL encryption for Kudu
Kudu allows you to use TLS to encrypt all communications among servers, and between clients and servers.
--rpc_encryptionflag, which can be set to one of the following options:
required- Kudu will reject unencrypted connections.
optional- Kudu will attempt to use encryption, but will allow unencrypted connections.
disabled- Kudu will not use encryption.
optional. To secure your cluster, set
Web UI encryption
The Kudu web UI can be configured to use secure HTTPS encryption by providing each server
with TLS certificates. Use the
--webserver_private_key_file properties to specify the certificate and private
key to be used for communication.
Alternatively, you can choose to completely disable the web UI by
--webserver_enabled flag to
false on the Kudu servers.