Repository: hadoop Updated Branches: refs/heads/trunk 3f4a29813 -> 32671d871
HADOOP-14783. [KMS] Add missing configuration properties into kms-default.xml. Contributed by Chetna Chaudhari. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/32671d87 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/32671d87 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/32671d87 Branch: refs/heads/trunk Commit: 32671d87135f22707ea03c3f17e99d41d82c0a39 Parents: 3f4a298 Author: Wei-Chiu Chuang <[email protected]> Authored: Thu May 31 16:09:33 2018 -0700 Committer: Wei-Chiu Chuang <[email protected]> Committed: Thu May 31 16:09:33 2018 -0700 ---------------------------------------------------------------------- .../src/main/resources/kms-default.xml | 35 ++++++++++++++++++++ 1 file changed, 35 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/32671d87/hadoop-common-project/hadoop-kms/src/main/resources/kms-default.xml ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-kms/src/main/resources/kms-default.xml b/hadoop-common-project/hadoop-kms/src/main/resources/kms-default.xml index 7055f2d..9f4171b 100644 --- a/hadoop-common-project/hadoop-kms/src/main/resources/kms-default.xml +++ b/hadoop-common-project/hadoop-kms/src/main/resources/kms-default.xml @@ -259,4 +259,39 @@ </description> </property> + <property> + <name>hadoop.kms.key.authorization.enable</name> + <value>true</value> + <description>Boolean property to Enable/Disable per Key authorization</description> + </property> + + <property> + <name>hadoop.security.kms.encrypted.key.cache.size</name> + <value>100</value> + <description>The size of the cache. This is the maximum number of EEKs that + can be cached under each key name.</description> + </property> + + <property> + <name>hadoop.security.kms.encrypted.key.cache.low.watermark</name> + <value>0.3</value> + <description>A low watermark on the cache. For each key name, if after a get call, + the number of cached EEKs are less than (size * low watermark), + then the cache under this key name will be filled asynchronously. + For each key name, only 1 thread could be running for the asynchronous filling.</description> + </property> + + <property> + <name>hadoop.security.kms.encrypted.key.cache.num.fill.threads</name> + <value>2</value> + <description>The maximum number of asynchronous threads overall, across key names, + allowed to fill the queue in a cache.</description> + </property> + + <property> + <name>hadoop.security.kms.encrypted.key.cache.expiry</name> + <value>43200000</value> + <description>The cache expiry time, in milliseconds. Internally Guava cache is used as the cache implementation. + The expiry approach is expireAfterAccess</description> + </property> </configuration> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
