hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zhe Zhang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-9244) Support nested encryption zones
Date Tue, 12 Jan 2016 19:39:40 GMT

    [ https://issues.apache.org/jira/browse/HDFS-9244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15094619#comment-15094619
] 

Zhe Zhang commented on HDFS-9244:
---------------------------------

[~xyao] Thanks for the comment. The most important use case we've seen is "always-on encryption"
-- the ability to setup {{/}} as an EZ plus the flexibility to use different keys for descendant
dirs later on. It has been requested by many customers. The {{Trash}} use case is also useful
-- it's not directly supported by this change, but will require the concept of nested EZ.

Thanks for pointing out the possible issues. Upgrade won't cause issues, because a lower-versioned
cluster with non-nested EZ setup is always legitimate under the new logic. Rollback won't
be allowed from a nested-EZ cluster to version < 2.8. The actual logic change is very simple
-- basically just the removal of an {{if}} check. So I don't think the change itself is hard
to support and maintain. The most challenging task is to clearly document the new semantics
so that external tools don't rely on the assumption that all data under an EZ have the same
key. I created HDFS-9644 to track the effort.

> Support nested encryption zones
> -------------------------------
>
>                 Key: HDFS-9244
>                 URL: https://issues.apache.org/jira/browse/HDFS-9244
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: encryption
>            Reporter: Xiaoyu Yao
>            Assignee: Zhe Zhang
>         Attachments: HDFS-9244.00.patch, HDFS-9244.01.patch
>
>
> This JIRA is opened to track adding support of nested encryption zone based on [~andrew.wang]'s
[comment |https://issues.apache.org/jira/browse/HDFS-8747?focusedCommentId=14654141&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14654141]
for certain use cases.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message