hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xiao Chen (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-13303) Detail Informations of KMS High Avalibale
Date Tue, 21 Jun 2016 22:41:58 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-13303?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15342943#comment-15342943

Xiao Chen commented on HADOOP-13303:

Arun had some replies in HADOOP-11862, which should answer the above questions. Thanks.

> Detail Informations of KMS High Avalibale
> -----------------------------------------
>                 Key: HADOOP-13303
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13303
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: ha, kms
>    Affects Versions: 2.7.2
>            Reporter: qiushi fan
> I have some confusions of kms HA recently. 
> 1. we can set up multiple KMS instances  behind a load balancer. Among all these kms
instances, there is only one master kms, others are slave kms. The master kms can handle Key
create/store/rollover/delete operations by directly contacting with JCE keystore file. The
slave kms can handle  Key create/store/rollover/delete operations by delegating it to the
master kms.
> so although we set up multiple kms, there is only one  JCE keystore file, and only the
master kms can access to this file.   Both the JCE keystore file and the master kms don't
have a backup. If one of them died, there is no way to avoid losing data.
> Is all of the above true? KMS doesn't have a solution to handle the failure of master
kms and  JCE keystore file?
> 2. I heard another way to achieve kms HA: make use of LoadBalancingKMSClientProvider.
But  I can't find detail informations of LoadBalancingKMSClientProvider.  So why the  LoadBalancingKMSClientProvider
can achieve kms HA?

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org

View raw message