cancel
Showing results forย 
Search instead forย 
Did you mean:ย 
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

Databricks cluster Encryption keystore_password

kjoth
Contributor II

How to set up this value? Is this any value we can provide or the default value we have to p

#!/bin/bash
 
keystore_file="/dbfs/<keystore_directory>/jetty_ssl_driver_keystore.jks"
keystore_password="gb1gQqZ9ZIHS"
sasl_secret=$(sha256sum $keystore_file | cut -d' ' -f1)

1 ACCEPTED SOLUTION

Accepted Solutions

Prabakar
Esteemed Contributor III
Esteemed Contributor III

Hi @karthick Jโ€‹ do not change the password from the script. You need to just modify the <keystore_directory> and create the init script.

In the first step of the notebook, you will copy the Keystore file to a directory in DBFS.

As it is Databricks keystore file you cant change the password.

View solution in original post

7 REPLIES 7

-werners-
Esteemed Contributor III

I do not exactly understand the question.

Do you want to store secrets like this?

https://docs.databricks.com/security/secrets/index.html

Prabakar
Esteemed Contributor III
Esteemed Contributor III

This is not for secrets but for Encrypting Traffic Between Worker Nodes. ๐Ÿ˜‰

Prabakar
Esteemed Contributor III
Esteemed Contributor III

Hi @karthick Jโ€‹ do not change the password from the script. You need to just modify the <keystore_directory> and create the init script.

In the first step of the notebook, you will copy the Keystore file to a directory in DBFS.

As it is Databricks keystore file you cant change the password.

Hubert-Dudek
Esteemed Contributor III

I think as @Werner Stinckensโ€‹ said you need to provide more details what exactly you want to accomplish and where this script is put.

For all secrets the best way is to use databricks secret or Azure Key Valut (or AWS KMS) so you don't store your passwords in code. If you want to encrypt dbfs is better to make own mount and use ready Azure/S3 encryption options using own keys there.

Yes, I should have provided more detail, as the question is not clear. I will make sure to ask with clear details forward. Like @Prabakar Ammeappinโ€‹  said, the query was on databricks cluster encrypting Traffic bewteen workers nodes.

Prabakar
Esteemed Contributor III
Esteemed Contributor III

Thanks @Prabakar Ammeappinโ€‹ 

Join 100K+ Data Experts: Register Now & Grow with Us!

Excited to expand your horizons with us? Click here to Register and begin your journey to success!

Already a member? Login and join your local regional user group! If there isn’t one near you, fill out this form and we’ll create one for you to join!