[
https://issues.apache.org/jira/browse/HADOOP-16120?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Steve Loughran resolved HADOOP-16120.
-------------------------------------
Resolution: Won't Fix
> Lazily allocate KMS delegation tokens
> -------------------------------------
>
> Key: HADOOP-16120
> URL: https://issues.apache.org/jira/browse/HADOOP-16120
> Project: Hadoop Common
> Issue Type: Improvement
> Components: kms, security
> Affects Versions: 2.8.5, 3.1.2
> Reporter: Ruslan Dautkhanov
> Priority: Major
>
> We noticed that HDFS clients talk to KMS even when they try to access not
> encrypted databases.. Is there is a way to make HDFS clients to talk to KMS
> servers *only* when they need access to encrypted data? Since we will be
> encrypting only one database (and 50+ other much more critical production
> databases will not be encrypted), in case if KMS is down for maintenance or
> for some other reason, we want to limit outage only to encrypted data.
> In other words, it would be great if KMS delegation toekns would be allocated
> lazily - on first request to encrypted data.
> This could be a non-default option to lazily allocate KMS delegation tokens,
> to improve availability of non-encrypted data.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
