Ruslan Dautkhanov created HADOOP-16120:
------------------------------------------
Summary: Lazily allocate KMS delegation tokens
Key: HADOOP-16120
URL: https://issues.apache.org/jira/browse/HADOOP-16120
Project: Hadoop Common
Issue Type: Improvement
Components: kms, security
Affects Versions: 3.1.2, 2.8.5
Reporter: Ruslan Dautkhanov
We noticed that HDFS clients talk to KMS even when they try to access not
encrypted databases.. Is there is a way to make HDFS clients to talk to KMS
servers *only* when they need access to encrypted data? Since we will be
encrypting only one database (and 50 other databases will not be encrypted), in
case if KMS is down for maintenance or for some other reason, we want to limit
outage only to encrypted data.
In other words, it would be great if KMS delegation toekns would be allocated
lazily - on first request to encrypted data.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
