[ 
https://issues.apache.org/jira/browse/HADOOP-17255?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17195688#comment-17195688
 ] 

Wei-Chiu Chuang commented on HADOOP-17255:
------------------------------------------

So.. my impression came from this jira HADOOP-15412 where at the time, KMS 
wouldn't even start. Maybe things have changed so that it now starts fine but 
only fails after.

Aside from that, there's a security implication.
Quoting myself in the jira:
Even if you use a shared file system (like NFS?) you still need to make 
sure the network communication is authenticated and encrypted.

It wouldn't work if the keystore is in an HDFS encryption zone (it would end up 
in a recursive loop). Storing the key store in unencrypted HDFS could in theory 
work, but transmitting an unencrypted key store compromises security.

> JavaKeyStoreProvider fails to create a new key if the keystore is HDFS
> ----------------------------------------------------------------------
>
>                 Key: HADOOP-17255
>                 URL: https://issues.apache.org/jira/browse/HADOOP-17255
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: kms
>            Reporter: Akira Ajisaka
>            Assignee: Akira Ajisaka
>            Priority: Critical
>              Labels: pull-request-available
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> The caller of JavaKeyStoreProvider#renameOrFail assumes that it throws 
> FileNotFoundException if the src does not exist. However, 
> JavaKeyStoreProvider#renameOrFail calls the old rename API. In 
> DistributedFileSystem, the old API returns false if the src does not exist.
> That way JavaKeyStoreProvider fails to create a new key if the keystore is 
> HDFS.
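To make the rename-semantics mismatch described in the issue concrete, here is an added illustration (not the project's own code or the actual HADOOP-17255 patch): a hypothetical `renameOrFail` that checks for the source explicitly, so a missing keystore surfaces as `FileNotFoundException` on every `FileSystem`, whether the boolean `rename` throws (local filesystem) or merely returns `false` (`DistributedFileSystem`). The paths under `/tmp/kms-demo` are assumed; it needs `hadoop-common` on the classpath.

```java
import java.io.FileNotFoundException;
import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;

// Hypothetical helper, not the project's own code: normalises "source is
// missing" to FileNotFoundException instead of depending on whether the
// boolean rename(Path, Path) throws or returns false for that case.
public final class RenameOrFailDemo {

  static void renameOrFail(FileSystem fs, Path src, Path dest)
      throws IOException {
    // DistributedFileSystem's boolean rename returns false for a missing
    // src rather than throwing, so check existence before renaming.
    if (!fs.exists(src)) {
      throw new FileNotFoundException("Rename source does not exist: " + src);
    }
    // Any other false (dest already exists, permission denied, ...) is a
    // genuine failure and must not be silently ignored.
    if (!fs.rename(src, dest)) {
      throw new IOException(String.format(
          "Rename unsuccessful : '%s' to '%s'", src, dest));
    }
  }

  // Mirrors the keystore flush pattern: back up the current store if there
  // is one; a missing store is expected on the very first write.
  static boolean backupIfPresent(FileSystem fs, Path store, Path backup)
      throws IOException {
    try {
      renameOrFail(fs, store, backup);
      return true;
    } catch (FileNotFoundException e) {
      return false; // nothing to back up yet
    }
  }

  public static void main(String[] args) throws IOException {
    Configuration conf = new Configuration();
    // Assumed paths; set fs.defaultFS to an HDFS URI to exercise the HDFS case.
    FileSystem fs = FileSystem.get(conf);
    Path store = new Path("/tmp/kms-demo/keystore.jceks");
    Path backup = new Path(store.toString() + "_ORIG");
    fs.mkdirs(store.getParent());
    fs.delete(store, false);
    fs.delete(backup, false);
    System.out.println("first flush, backup made: " + backupIfPresent(fs, store, backup));
    fs.create(store, true).close(); // constructed empty store for the demo
    System.out.println("second flush, backup made: " + backupIfPresent(fs, store, backup));
  }
}
```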



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
