hadoop-hdfs-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xiao Chen (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HDFS-12400) Provide a way for NN to drain the local key cache before re-encryption
Date Wed, 06 Sep 2017 19:28:00 GMT
Xiao Chen created HDFS-12400:
--------------------------------

             Summary: Provide a way for NN to drain the local key cache before re-encryption
                 Key: HDFS-12400
                 URL: https://issues.apache.org/jira/browse/HDFS-12400
             Project: Hadoop HDFS
          Issue Type: Bug
          Components: encryption
    Affects Versions: 3.0.0-beta1
            Reporter: Xiao Chen
            Assignee: Xiao Chen


In HDFS-12359, a fix for the KMS ACLs required for re-encryption was done. As part of the
fix,  the following code is used to make sure the local provider cache in the NN is drained.
{code:java}
if (dir.getProvider() instanceof CryptoExtension) {
  ((CryptoExtension) dir.getProvider()).drain(keyName);
}
{code}
This doesn't work, because the provider is {{KeyProviderCryptoExtension}} instead of {{CryptoExtension}}
- the latter is composite of the former.

Unfortunately unit test didn't catch this, because it conveniently rolled the from the NN's
provider.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-help@hadoop.apache.org


Mime
View raw message