Deleting Metadata in HDFS when Migrating Out of LDT

In an HDFS deployment, if you migrate from an LDT to a non-LDT environment, the administrator must delete the LDT mdstore file.

In the following example:

/hadoop/hdfs is the mount point

/hadoop/hdfs/data is the GuardPoint

To manage the migration:

1. In the CipherTrust Manager, click Client > Client Groups.

2. Click < host/client group name>. The Edit host/client group - window opens.

3. Click GuardPoints.

4. Select the appropriate HDFS directory with an LDT GuardPoint, and click Unguard.

5. Using the Ambari admin console, shutdown all NameNode/DataNode one by one. Ensure that no HDFS GuardPoints are busy.

6. Ensure that no GuardPoints are configured on any HDFS node in the cluster, type:

   secfsd -status guard
   No GuardPoints configured
   

7. On the node running secfs, type:

   voradmin ldt attr delete <guard path>
   # voradmin ldt attr delete /hadoop/hdfs/data
   LDT metadata has been removed from all files in GuardPoints /hadoop/hdfs/data
   

8. On the system, verify that the metadata store has been removed from the secfs mount points, type:

    voradmin ldt rmstore <mount_point>
   # voradmin ldt rmstore /hadoop/hdfs
   Enter YES if /hadoop/hdfs does not include any GuardPoints associated with an LDT policy ->YES
   MDS file /hadoop/hdfs/__vorm_mds__  has been removed.
   

9. Verify that the metadata store has been removed from the secfs mount points, type:

    ls -altr <mount_point>
   # ls -altr /hadoop/hdfs
   You should not see `/hadoop/hdfs/__vorm_mds__ ` listed.
   

10. Repeat the above steps for each node in the HDFS cluster.