Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
When multiple KMS is involved, these steps should be followed to configure multiple instances to share correctly. http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.5.3/bk_security/content/ranger_kms_multi_kms.html
Can we add logic in Ambari to set these values correctly when second KMS is added?
hadoop.kms.cache.enable=false
hadoop.kms.cache.timeout.ms=0
hadoop.kms.current.key.cache.timeout.ms=0
hadoop.kms.authentication.signer.secret.provider=zookeeper
hadoop.kms.authentication.signer.secret.provider.zookeeper.connection.string={internal ip of first node}:2181,{internal ip of second node}:2181, ...
hadoop.kms.authentication.signer.secret.provider.zookeeper.auth.type=none