hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Wang (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (HADOOP-11862) Add support key replicas mechanism for KMS HA
Date Tue, 28 Jun 2016 22:47:57 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-11862?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andrew Wang resolved HADOOP-11862.
----------------------------------
    Resolution: Not A Problem

Resolving, since a full HA story for the KMS also requires a HA backing key provider. Thanks
for the nice responses Arun!

> Add support key replicas mechanism for KMS HA
> ---------------------------------------------
>
>                 Key: HADOOP-11862
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11862
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>    Affects Versions: 2.6.0
>            Reporter: dengxiumao
>              Labels: kms
>
> The patch [HADOOP-11620|https://issues.apache.org/jira/browse/HADOOP-11620] only supports
specification of multiple hostnames in the kms key provider uri. it means that it support
config as:
> {quote}
> <property>
>  <name>hadoop.security.key.provider.path</name>
>  <value>kms://http@[HOSTNAME1];[HOSTNAME2]:16000/kms</value>
> </property>
> {quote}
> but HA is still not available,  if one of KMS instances goes down, Encrypted files, which
encrypted by the keys in the KMS,  can not be read.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org


Mime
View raw message