[
https://issues.apache.org/jira/browse/HADOOP-13303?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15342943#comment-15342943
]
Xiao Chen commented on HADOOP-13303:
------------------------------------
Hi,
Arun had some replies in HADOOP-11862, which should answer the above questions.
Thanks.
> Detail Informations of KMS High Avalibale
> -----------------------------------------
>
> Key: HADOOP-13303
> URL: https://issues.apache.org/jira/browse/HADOOP-13303
> Project: Hadoop Common
> Issue Type: Improvement
> Components: ha, kms
> Affects Versions: 2.7.2
> Reporter: qiushi fan
>
> I have some confusions of kms HA recently.
> 1. we can set up multiple KMS instances behind a load balancer. Among all
> these kms instances, there is only one master kms, others are slave kms. The
> master kms can handle Key create/store/rollover/delete operations by directly
> contacting with JCE keystore file. The slave kms can handle Key
> create/store/rollover/delete operations by delegating it to the master kms.
> so although we set up multiple kms, there is only one JCE keystore file, and
> only the master kms can access to this file. Both the JCE keystore file and
> the master kms don't have a backup. If one of them died, there is no way to
> avoid losing data.
> Is all of the above true? KMS doesn't have a solution to handle the failure
> of master kms and JCE keystore file?
> 2. I heard another way to achieve kms HA: make use of
> LoadBalancingKMSClientProvider. But I can't find detail informations of
> LoadBalancingKMSClientProvider. So why the LoadBalancingKMSClientProvider
> can achieve kms HA?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
