[HADOOP-11862] Add support key replicas mechanism for KMS HA - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Not A Problem
Affects Version/s: 2.6.0
Fix Version/s: None
Component/s: kms
Labels:
- kms

External issue URL:
https://issues.apache.org/jira/browse/HADOOP-11620
External issue ID:
~~HADOOP-11620~~

Description

The patch HADOOP-11620 only supports specification of multiple hostnames in the kms key provider uri. it means that it support config as:

<property>
<name>hadoop.security.key.provider.path</name>
<value>kms://http@[HOSTNAME1];[HOSTNAME2]:16000/kms</value>
</property>

but HA is still not available, if one of KMS instances goes down, Encrypted files, which encrypted by the keys in the KMS, can not be read.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: dengxiumao

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 22/Apr/15 02:34

Updated:: 21/May/21 09:03

Resolved:: 28/Jun/16 22:47