[
https://issues.apache.org/jira/browse/HADOOP-14104?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15903720#comment-15903720
]
Yongjun Zhang commented on HADOOP-14104:
----------------------------------------
Thanks for the update [~rushabh.shah], sorry about that, but please be assured
that I did not mean to intrude, my sincere apology if you felt so.
I should have given some background, I was looking into HDFS-9868 earlier
because we need a solution very soon to let distcp to be able to see the
keyProvider of the remote cluster, then we found that HADOOP-14104 may be a
better solution. As far as I know, the existing "providing key provider path
via conf " implementation doesn't support external cluster, we could do an
implementation to extend the conf support for external cluster for keyprovider,
as an alternative solution for HADOOP-14104.
Will comment on your other points soon.
> Client should always ask namenode for kms provider path.
> --------------------------------------------------------
>
> Key: HADOOP-14104
> URL: https://issues.apache.org/jira/browse/HADOOP-14104
> Project: Hadoop Common
> Issue Type: Improvement
> Components: kms
> Reporter: Rushabh S Shah
> Assignee: Rushabh S Shah
> Attachments: HADOOP-14104-trunk.patch, HADOOP-14104-trunk-v1.patch,
> HADOOP-14104-trunk-v2.patch, HADOOP-14104-trunk-v3.patch
>
>
> According to current implementation of kms provider in client conf, there can
> only be one kms.
> In multi-cluster environment, if a client is reading encrypted data from
> multiple clusters it will only get kms token for local cluster.
> Not sure whether the target version is correct or not.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
