Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-14104

Client should always ask namenode for kms provider path.

          Details

          • Type: Improvement
          • Status: Resolved
          • Priority: Major
          • Resolution: Fixed
          • Affects Version/s: None
          • Fix Version/s: 2.9.0, 3.0.0-alpha4, 2.8.2
          • Component/s: kms
          • Labels:
            None

            Description

            According to current implementation of kms provider in client conf, there can only be one kms.
            In multi-cluster environment, if a client is reading encrypted data from multiple clusters it will only get kms token for local cluster.
            Not sure whether the target version is correct or not.

              Attachments

              1. HADOOP-14104-trunk.patch
                28 kB
                Rushabh S Shah
              2. HADOOP-14104-trunk-v1.patch
                30 kB
                Rushabh S Shah
              3. HADOOP-14104-trunk-v2.patch
                39 kB
                Rushabh S Shah
              4. HADOOP-14104-trunk-v3.patch
                38 kB
                Rushabh S Shah
              5. HADOOP-14104-trunk-v4.patch
                38 kB
                Rushabh S Shah
              6. HADOOP-14104-trunk-v5.patch
                38 kB
                Rushabh S Shah
              7. HADOOP-14104-branch-2.8.patch
                38 kB
                Rushabh S Shah
              8. HADOOP-14104-branch-2.patch
                38 kB
                Rushabh S Shah

                Issue Links

                breaks

                Bug - A problem which impairs or prevents the functions of the product. HADOOP-14814 Fix incompatible API change on FsServerDefaults to HADOOP-14104

                • Blocker - Blocks development and/or testing work, production could not run
                • Resolved

                Bug - A problem which impairs or prevents the functions of the product. HDFS-11689 New exception thrown by DFSClient#isHDFSEncryptionEnabled broke hacky hive code

                • Major - Major loss of function.
                • Resolved

                Bug - A problem which impairs or prevents the functions of the product. HDFS-11702 Remove indefinite caching of key provider uri in DFSClient

                • Major - Major loss of function.
                • Resolved
                is related to

                Improvement - An improvement or enhancement to an existing feature or task. HIVE-16490 Hive should not use private HDFS APIs for encryption

                • Critical - Crashes, loss of data, severe memory leak.
                • Open

                Improvement - An improvement or enhancement to an existing feature or task. HDFS-11687 Add new public encryption APIs required by Hive

                • Major - Major loss of function.
                • Resolved
                relates to

                Bug - A problem which impairs or prevents the functions of the product. HDFS-13371 NPE for FsServerDefaults.getKeyProviderUri() for clientProtocol communication between 2.7 and 3.2

                • Minor - Minor loss of function, or other problem where easy workaround is present.
                • Patch Available

                  Activity

                    People

                    • Assignee:
                      shahrs87 Rushabh S Shah
                      Reporter:
                      shahrs87 Rushabh S Shah
                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      15 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved: