Return-Path: 
 <common-issues-return-74342-apmail-hadoop-common-issues-archive=hadoop.apache.org@hadoop.apache.org>
X-Original-To: apmail-hadoop-common-issues-archive@minotaur.apache.org
Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 85D9D10D96
	for <apmail-hadoop-common-issues-archive@minotaur.apache.org>;
 Wed, 17 Dec 2014 05:24:14 +0000 (UTC)
Received: (qmail 55165 invoked by uid 500); 17 Dec 2014 05:24:14 -0000
Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org
Received: (qmail 55114 invoked by uid 500); 17 Dec 2014 05:24:14 -0000
Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:common-issues-help@hadoop.apache.org>
List-Unsubscribe: <mailto:common-issues-unsubscribe@hadoop.apache.org>
List-Post: <mailto:common-issues@hadoop.apache.org>
List-Id: <common-issues.hadoop.apache.org>
Reply-To: common-issues@hadoop.apache.org
Delivered-To: mailing list common-issues@hadoop.apache.org
Received: (qmail 55101 invoked by uid 99); 17 Dec 2014 05:24:14 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 17 Dec 2014 05:24:14 +0000
Date: Wed, 17 Dec 2014 05:24:14 +0000 (UTC)
From: "Dian Fu (JIRA)" <jira@apache.org>
To: common-issues@hadoop.apache.org
Message-ID: <JIRA.12757876.1416967450000.41131.1418793854143@Atlassian.JIRA>
In-Reply-To: <JIRA.12757876.1416967450000@Atlassian.JIRA>
References: <JIRA.12757876.1416967450000@Atlassian.JIRA>
 <JIRA.12757876.1416967450754@arcas>
Subject: [jira] [Assigned] (HADOOP-11336) Native support of KMS High
 Availability and Scalability
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/HADOOP-11336?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dian Fu reassigned HADOOP-11336:
--------------------------------

    Assignee: Dian Fu  (was: Jerry Chen)

> Native support of KMS High Availability and Scalability
> -------------------------------------------------------
>
>                 Key: HADOOP-11336
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11336
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>    Affects Versions: trunk-win
>            Reporter: Jerry Chen
>            Assignee: Dian Fu
>              Labels: Security
>   Original Estimate: 672h
>  Remaining Estimate: 672h
>
> Currently, KMS supports multiple KMS instances behind a load balancer or VIP for scalability and HA purposes. A lot of extra configurations and cares must be taken to make them work properly as a single logical service.
> Especially when Kerberos authentication is used, special care must be taken on the service principles. (When KMS is used, strong authentication is very important to key security)
> It would be ideal to provide a native solution in KMS server and KMS client to support KMS high availability and scalability. This would make the deployment of HA and scalable KMS more straightforward as well as saving the cost of a specific load balancer and maintenance.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)