Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id B0389200B3C for ; Wed, 29 Jun 2016 00:45:59 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id AF2F5160A6C; Tue, 28 Jun 2016 22:45:59 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 01040160A56 for ; Wed, 29 Jun 2016 00:45:58 +0200 (CEST) Received: (qmail 96327 invoked by uid 500); 28 Jun 2016 22:45:57 -0000 Mailing-List: contact common-dev-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list common-dev@hadoop.apache.org Received: (qmail 96291 invoked by uid 99); 28 Jun 2016 22:45:57 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 28 Jun 2016 22:45:57 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id 5A3832C1F61 for ; Tue, 28 Jun 2016 22:45:57 +0000 (UTC) Date: Tue, 28 Jun 2016 22:45:57 +0000 (UTC) From: "Andrew Wang (JIRA)" To: common-dev@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Resolved] (HADOOP-13303) Detail Informations of KMS High Avalibale MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Tue, 28 Jun 2016 22:45:59 -0000 [ https://issues.apache.org/jira/browse/HADOOP-13303?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrew Wang resolved HADOOP-13303. ---------------------------------- Resolution: Invalid Please use the user list for questions like this, JIRA is for tracking product defects and code changes. Thanks! > Detail Informations of KMS High Avalibale > ----------------------------------------- > > Key: HADOOP-13303 > URL: https://issues.apache.org/jira/browse/HADOOP-13303 > Project: Hadoop Common > Issue Type: Improvement > Components: ha, kms > Affects Versions: 2.7.2 > Reporter: qiushi fan > > I have some confusions of kms HA recently. > 1. we can set up multiple KMS instances behind a load balancer. Among all these kms instances, there is only one master kms, others are slave kms. The master kms can handle Key create/store/rollover/delete operations by directly contacting with JCE keystore file. The slave kms can handle Key create/store/rollover/delete operations by delegating it to the master kms. > so although we set up multiple kms, there is only one JCE keystore file, and only the master kms can access to this file. Both the JCE keystore file and the master kms don't have a backup. If one of them died, there is no way to avoid losing data. > Is all of the above true? KMS doesn't have a solution to handle the failure of master kms and JCE keystore file? > 2. I heard another way to achieve kms HA: make use of LoadBalancingKMSClientProvider. But I can't find detail informations of LoadBalancingKMSClientProvider. So why the LoadBalancingKMSClientProvider can achieve kms HA? -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org For additional commands, e-mail: common-dev-help@hadoop.apache.org