[HDFS-11885] createEncryptionZone should not block on initializing EDEK cache - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Patch Available
Priority: Major
Resolution: Unresolved
Affects Version/s: 2.6.5
Fix Version/s: None
Component/s: encryption
Labels:
None

Target Version/s:

3.5.0

Description

When creating an encryption zone, we call ensureKeyIsInitialized, which calls provider.warmUpEncryptedKeys(keyName). This is a blocking call, which attempts to fill the key cache up to the low watermark.

If the KMS is down or slow, this can take a very long time, and cause the createZone RPC to fail with a timeout.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HDFS-11885.001.patch
31/May/17 01:58
20 kB
Andrew Wang
HDFS-11885.002.patch
31/May/17 07:26
22 kB
Andrew Wang
HDFS-11885.003.patch
07/Jun/17 01:01
22 kB
Andrew Wang
HDFS-11885.004.patch
03/Aug/17 00:58
22 kB
Andrew Wang

Activity

People

Assignee:: Andrew Wang

Reporter:: Andrew Wang

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: 25/May/17 17:39

Updated:: 04/Jan/24 07:23