hadoop-common-issues mailing list archives

From "Anis Elleuch (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-15267) S3A multipart upload fails when SSE-C encryption is enabled
Date Mon, 05 Mar 2018 15:25:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-15267?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16386201#comment-16386201 ]

Anis Elleuch commented on HADOOP-15267:

[~stevel@apache.org]: I updated the patch with the correct name and made the changes you requested
(all of them, I hope). It doesn't include the integration tests yet, but I wanted to get a
review of the progress so far first.

I ran the hadoop-aws tests ({{cd hadoop-tools/hadoop-aws; mvn test}}) against my AWS S3 bucket vadmeste-hadoop
in region us-east-1.

> S3A multipart upload fails when SSE-C encryption is enabled
> -----------------------------------------------------------
>                 Key: HADOOP-15267
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15267
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/s3
>    Affects Versions: 3.1.0
>         Environment: Hadoop 3.1 Snapshot
>            Reporter: Anis Elleuch
>            Assignee: Anis Elleuch
>            Priority: Critical
>         Attachments: HADOOP-15267-001.patch
> When I enable SSE-C encryption in Hadoop 3.1 and set {{fs.s3a.multipart.size}} to 5 MB,
storing data in AWS S3 no longer works. For example, running the following code:
> {code}
> >>> df1 = spark.read.json('/home/user/people.json')
> >>> df1.write.mode("overwrite").json("s3a://testbucket/people.json")
> {code}
> shows the following exception:
> {code:java}
> com.amazonaws.services.s3.model.AmazonS3Exception: The multipart upload initiate requested
encryption. Subsequent part requests must include the appropriate encryption parameters.
> {code}
> After some investigation, I discovered that hadoop-aws doesn't send the SSE-C headers in
the Upload Part request, as required by the AWS specification: [https://docs.aws.amazon.com/AmazonS3/latest/API/mpUploadUploadPart.html]
> {code:java}
> If you requested server-side encryption using a customer-provided encryption key in your
initiate multipart upload request, you must provide identical encryption information in each
part upload using the following headers.
> {code}
> A patch clarifying and fixing the problem is attached to this issue.
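
For context, here is a minimal sketch (illustrative only, not Hadoop or AWS SDK code; the header names come from the AWS SSE-C documentation) of the encryption headers that S3 requires on the initiate-multipart-upload request and, identically, on every subsequent Upload Part request:

```python
# Build the three SSE-C headers that must accompany both the initiate
# request AND each Upload Part request, per the AWS docs quoted above.
import base64
import hashlib

def sse_c_headers(raw_key: bytes) -> dict:
    """Return the SSE-C headers for a 256-bit customer-provided key."""
    assert len(raw_key) == 32  # SSE-C requires a 256-bit (32-byte) key
    return {
        "x-amz-server-side-encryption-customer-algorithm": "AES256",
        "x-amz-server-side-encryption-customer-key":
            base64.b64encode(raw_key).decode("ascii"),
        "x-amz-server-side-encryption-customer-key-MD5":
            base64.b64encode(hashlib.md5(raw_key).digest()).decode("ascii"),
    }

key = b"\x01" * 32                  # hypothetical customer key
init_headers = sse_c_headers(key)   # sent with initiate-multipart-upload
part_headers = sse_c_headers(key)   # must ALSO be sent with each part
assert init_headers == part_headers
```

The bug described above amounts to hadoop-aws sending these headers only on the initiate request, so S3 rejects the subsequent part uploads.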

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org
