How to Enable/Disable Network Encryption on Oracle Big Data Appliance V4.2 and Higher
(Doc ID 2086478.1)
Last updated on FEBRUARY 07, 2019
Applies to:Big Data Appliance Integrated Software - Version 4.2.0 and later
The document provides steps and prerequisites for enabling Hadoop network encryption on Oracle Big Data Appliance v4.2.0 and higher with Mammoth.
As background there are 2 separate network encryption options:
This encryption option provides encryption of HDFS data transport between DataNodes and clients, and among DataNodes. Kerberos is required. It applies to HDFS data only.
This encryption option provides HTTPS encryption and Kerberos authentication for HDFS and YARN, and also enables encrypted web shuffling for YARN. Data spills to non-HFDS disk storage from Spark shuffle, MapReduce intermediate files, map and reduce operations, and Impala SQL are also encrypted. Basically this option encrypts all network traffic except HDFS data transport.
This note refers specifically to Hadoop network encryption and does not cover enabling encryption of HDFS data transport between DataNodes and clients, and among DataNodes which requires using a different bdacli command to enable it. The command is: "bdacli enable hdfs_encrypted_data_transport".
To enable Hadoop network encryption:
On BDA 4.2 use: "bdacli enable network_encryption".
Post BDA 4.2 use: "bdacli enable hadoop_network_encryption".
This MOS note uses: "bdacli enable hadoop_network_encryption".
This document will be used by Oracle ACS, Oracle Support, and System Administrators for the Oracle Big Data Appliance.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|Enable network encryption|
|Disable network encryption|