[RANGER-3927] Ranger KMS generates master key on every restart before inserting into DB - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: In Progress
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: Ranger
Labels:
None

Description

Hi,

At preset Ranger KMS generates Master Key on every restart,

Ref:
1.) https://github.com/apache/ranger/blob/master/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java#L194
2.) https://github.com/apache/ranger/blob/master/kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java#L192

And later check for its existence in DB .
Ref:
1.) https://github.com/apache/ranger/blob/c3f1c4a6ad2ee0c805ad29f0efb265569e0d2cf0/kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java#L356

We should check for master key existence in DB at early stage i.e. before generation.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

0001-RANGER-3927-Avoid-Master-Key-regeneration-on-every-r.patch
28/Sep/22 13:02
3 kB
Vikas Kumar

Activity

People

Assignee:: Vikas Kumar

Reporter:: Dhaval Shah

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 22/Sep/22 05:51

Updated:: 30/Sep/22 14:42