Uploaded image for project: 'Hadoop Map/Reduce'
  1. Hadoop Map/Reduce
  2. MAPREDUCE-4491 Encryption and Key Protection
  3. MAPREDUCE-4551

Key Protection : Add ability to read keys and protect keys in JobClient and TTS/NodeManagers

    XMLWordPrintableJSON

    Details

    • Type: Sub-task
    • Status: Resolved
    • Priority: Major
    • Resolution: Won't Do
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: job submission, security
    • Labels:
      None

      Description

      Based on Cluster configuration, NodeManager/TaskTrackers set up Decrypters to decrypt the job's secrets.
      Based on Job configuration, JobClient reads secrets from a KeyStore using a Keyprovider implementation and encrypts them using the cluster's public key.

      The encrypted secrets are stored in Job Credentials.

      The task addresses the following requirements:

      • Plug in different key store mechanisms.
      • Retrieve specified keys from a configured keystore as part of job submission
      • Protect keys during its transport through the cluster.
      • Make sure that keys are handed over only to the tasks of the correct job.

        Attachments

        1. MR_4551_trunk.patch
          25 kB
          Benoy Antony
        2. MR_4551_1_1.patch
          32 kB
          Benoy Antony

          Activity

            People

            • Assignee:
              benoyantony Benoy Antony
              Reporter:
              benoyantony Benoy Antony
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: