[
https://issues.apache.org/jira/browse/HADOOP-11862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17349090#comment-17349090
]
许超 commented on HADOOP-11862:
-----------------------------
Which version of Hadoop support key replicas mechanism for KMS HA?If not, how
can I achieve it?
> Add support key replicas mechanism for KMS HA
> ---------------------------------------------
>
> Key: HADOOP-11862
> URL: https://issues.apache.org/jira/browse/HADOOP-11862
> Project: Hadoop Common
> Issue Type: Improvement
> Components: kms
> Affects Versions: 2.6.0
> Reporter: dengxiumao
> Priority: Major
> Labels: kms
>
> The patch [HADOOP-11620|https://issues.apache.org/jira/browse/HADOOP-11620]
> only supports specification of multiple hostnames in the kms key provider
> uri. it means that it support config as:
> {quote}
> <property>
> <name>hadoop.security.key.provider.path</name>
> <value>kms://http@[HOSTNAME1];[HOSTNAME2]:16000/kms</value>
> </property>
> {quote}
> but HA is still not available, if one of KMS instances goes down, Encrypted
> files, which encrypted by the keys in the KMS, can not be read.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
