[AMBARI-20569] Configure KMS/Zookeeper settings automatically when multiple KMS are involved - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.5.2
Component/s: None
Labels:
None

Description

When multiple KMS is involved, these steps should be followed to configure multiple instances to share correctly. http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.5.3/bk_security/content/ranger_kms_multi_kms.html

Can we add logic in Ambari to set these values correctly when second KMS is added?

hadoop.kms.cache.enable=false
hadoop.kms.cache.timeout.ms=0
hadoop.kms.current.key.cache.timeout.ms=0
hadoop.kms.authentication.signer.secret.provider=zookeeper
hadoop.kms.authentication.signer.secret.provider.zookeeper.connection.string={internal ip of first node}:2181,{internal ip of second node}:2181, ...
hadoop.kms.authentication.signer.secret.provider.zookeeper.auth.type=none

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AMBARI-20569.patch
15/Jun/17 10:33
11 kB
Antonenko Alexander

Activity

People

Assignee:: Antonenko Alexander

Reporter:: Yesha Vora

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 24/Mar/17 23:34

Updated:: 16/Jun/17 17:06

Resolved:: 15/Jun/17 13:30