[jira] [Commented] (HADOOP-13887) Support for client-side encryption in S3A file system

Wed, 15 Mar 2017 14:35:22 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-13887?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15927025#comment-15927025
 ] 

Steve Loughran commented on HADOOP-13887:
-----------------------------------------

If you are targeting java 7, then branch-2 is your best option; it's close 
enough to 2.8 that we can pull things back. the big difference is in AWS 
library versions.

All you need to do here is include the branch name in the file

HADOOP-13887-branch-2-003.patch will be enough.

Don't worry about java crypto, we can document that. Kerberos needs it too, and 
KDiag actually tests it as part of the troubleshooting. Maybe an s3 diag could 
do the same

The length is a big issue; I'd suspected that. We have a core requirement for 
all filesystems: listFiles length == getFileStatus length == number of reads.

Why? Critical for file IO and seek logic; it's used in the 
`InputStream.available` method, which gets used by things downstream. We don't 
care about mock directories, as the fact they end in "/" is enough for us 
(indeed, we've ignored a JIRA complaining about how all data is ignored, the 
entries deleted without care,, etc, etc.


> Support for client-side encryption in S3A file system
> -----------------------------------------------------
>
>                 Key: HADOOP-13887
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13887
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/s3
>    Affects Versions: 2.8.0
>            Reporter: Jeeyoung Kim
>            Assignee: Igor Mazur
>            Priority: Minor
>         Attachments: HADOOP-13887-002.patch, HADOOP-14171-001.patch
>
>
> Expose the client-side encryption option documented in Amazon S3 
> documentation  - 
> http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html
> Currently this is not exposed in Hadoop but it is exposed as an option in AWS 
> Java SDK, which Hadoop currently includes. It should be trivial to propagate 
> this as a parameter passed to the S3client used in S3AFileSystem.java



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to