You must prepare the Ozone cluster for ingesting the data from the HDFS cluster.
Consider the example of moving an encrypted HDFS directory to Ozone. The following
procedure outlines the steps you must perform to create the equivalent bucket and target
directory in Ozone.
Decide on the HDFS to Ozone mapping scheme.
Consider the example of mapping the HDFS /user directory to
an Ozone volume.
Create the volume /user as an admin user.
> kinit as admin user and create the volume
> ozone sh volume create o3://<ozone.service.id>/user
Create an encrypted bucket to migrate a user's directory from the HDFS
cluster.
The following example shows how you can create an encrypted bucket for a user
john.doe.
> kinit as admin user and create the bucket for john.doe
> hadoop key create xxx_key
> ozone sh bucket create -k xxx_key /user/john.doe
(Optionally create a target dir inside the bucket if needed)
> hdfs dfs -mkdir ofs://<ozone.service.id>/user/john.doe/target_dir
Provide permissions to the user to access the encrypted bucket.
Use Ranger to provide the required permissions.
The following image shows
the Ranger policy configured for the user john.doe on
the /user/john.doe bucket.
