hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Wang (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (HADOOP-11862) Add support key replicas mechanism for KMS HA
Date Tue, 28 Jun 2016 22:47:57 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-11862?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Andrew Wang resolved HADOOP-11862.
    Resolution: Not A Problem

Resolving, since a full HA story for the KMS also requires a HA backing key provider. Thanks
for the nice responses Arun!

> Add support key replicas mechanism for KMS HA
> ---------------------------------------------
>                 Key: HADOOP-11862
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11862
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>    Affects Versions: 2.6.0
>            Reporter: dengxiumao
>              Labels: kms
> The patch [HADOOP-11620|https://issues.apache.org/jira/browse/HADOOP-11620] only supports
specification of multiple hostnames in the kms key provider uri. it means that it support
config as:
> {quote}
> <property>
>  <name>hadoop.security.key.provider.path</name>
>  <value>kms://http@[HOSTNAME1];[HOSTNAME2]:16000/kms</value>
> </property>
> {quote}
> but HA is still not available,  if one of KMS instances goes down, Encrypted files, which
encrypted by the keys in the KMS,  can not be read.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org

View raw message