hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Suraj Acharya (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-13317) Add logs to KMS servier-side to improve supportability
Date Fri, 23 Sep 2016 02:15:20 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-13317?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15515124#comment-15515124
] 

Suraj Acharya commented on HADOOP-13317:
----------------------------------------

* The KMS does not support any other cipher other than AES/CTR in the current implementation.
One can change the cipher in core-site.xml but that will throw an error since AES/CTR has
been hardcoded. 
* I havent put some information in the logs because of either sensitive matter or access control.
Putting material of a key is an information leak. Also, it is an information leak to print
out the metadata and other information while being returned. I have logged mostly the incoming
request information and the reason is the same.
* Also, I didnt wish to put information where ACLs protect transaction.
* I know get what you are saying about the exceptions. I think we should make that as a separate
effort for the KMS. The reason being we will need to know the exceptions we wish to handle.

> Add logs to KMS servier-side to improve supportability
> ------------------------------------------------------
>
>                 Key: HADOOP-13317
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13317
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>            Reporter: Xiao Chen
>            Assignee: Suraj Acharya
>            Priority: Minor
>              Labels: supportability
>         Attachments: HADOOP-13317-1.patch, HADOOP-13317-2.patch, HADOOP-13317-3.patch,
HADOOP-13317.patch
>
>
> [KMS.java|https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMS.java]
is the main class that serves KMS http requests. There're currently no logs at all, making
trouble shooting difficult.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message