hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "dengxiumao (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-11862) Add support key share across KMS instances for KMS HA
Date Wed, 22 Apr 2015 02:54:00 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-11862?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

dengxiumao updated HADOOP-11862:
--------------------------------
     External issue ID: 11620
    External issue URL: https://issues.apache.org/jira/browse/HADOOP-11620

> Add support key share across KMS instances for KMS HA
> -----------------------------------------------------
>
>                 Key: HADOOP-11862
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11862
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>    Affects Versions: 2.6.0
>            Reporter: dengxiumao
>              Labels: kms, transparentenc
>
> The patch [HADOOP-11620|https://issues.apache.org/jira/browse/HADOOP-11620] only supports
specification of multiple hostnames in the kms key provider uri. it means that it support
config as:
> {quote}
> <property>
>  <name>hadoop.security.key.provider.path</name>
>  <value>kms://http@[HOSTNAME1];[HOSTNAME2]:16000/kms</value>
> </property>
> {quote}
> but HA is still not available, keys can not share across KMS instances, if one of KMS
instances goes down, Encrypted files, which encrypted by the keys in the KMS,  can not be
read.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message