hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From xkro...@apache.org
Subject [44/50] [abbrv] hadoop git commit: HADOOP-14783. [KMS] Add missing configuration properties into kms-default.xml. Contributed by Chetna Chaudhari.
Date Fri, 01 Jun 2018 17:00:34 GMT
HADOOP-14783. [KMS] Add missing configuration properties into kms-default.xml. Contributed
by Chetna Chaudhari.


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/32671d87
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/32671d87
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/32671d87

Branch: refs/heads/HDFS-12943
Commit: 32671d87135f22707ea03c3f17e99d41d82c0a39
Parents: 3f4a298
Author: Wei-Chiu Chuang <weichiu@apache.org>
Authored: Thu May 31 16:09:33 2018 -0700
Committer: Wei-Chiu Chuang <weichiu@apache.org>
Committed: Thu May 31 16:09:33 2018 -0700

----------------------------------------------------------------------
 .../src/main/resources/kms-default.xml          | 35 ++++++++++++++++++++
 1 file changed, 35 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/32671d87/hadoop-common-project/hadoop-kms/src/main/resources/kms-default.xml
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-kms/src/main/resources/kms-default.xml b/hadoop-common-project/hadoop-kms/src/main/resources/kms-default.xml
index 7055f2d..9f4171b 100644
--- a/hadoop-common-project/hadoop-kms/src/main/resources/kms-default.xml
+++ b/hadoop-common-project/hadoop-kms/src/main/resources/kms-default.xml
@@ -259,4 +259,39 @@
     </description>
   </property>
 
+  <property>
+    <name>hadoop.kms.key.authorization.enable</name>
+    <value>true</value>
+    <description>Boolean property to Enable/Disable per Key authorization</description>
+  </property>
+
+  <property>
+    <name>hadoop.security.kms.encrypted.key.cache.size</name>
+    <value>100</value>
+    <description>The size of the cache. This is the maximum number of EEKs that
+      can be cached under each key name.</description>
+  </property>
+
+  <property>
+    <name>hadoop.security.kms.encrypted.key.cache.low.watermark</name>
+    <value>0.3</value>
+    <description>A low watermark on the cache. For each key name, if after a get call,
+      the number of cached EEKs are less than (size * low watermark),
+      then the cache under this key name will be filled asynchronously.
+      For each key name, only 1 thread could be running for the asynchronous filling.</description>
+  </property>
+
+  <property>
+    <name>hadoop.security.kms.encrypted.key.cache.num.fill.threads</name>
+    <value>2</value>
+    <description>The maximum number of asynchronous threads overall, across key names,
+      allowed to fill the queue in a cache.</description>
+  </property>
+
+  <property>
+    <name>hadoop.security.kms.encrypted.key.cache.expiry</name>
+    <value>43200000</value>
+    <description>The cache expiry time, in milliseconds. Internally Guava cache is
used as the cache implementation.
+      The expiry approach is expireAfterAccess</description>
+  </property>
 </configuration>


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org


Mime
View raw message