[
https://issues.apache.org/jira/browse/HADOOP-10720?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14056370#comment-14056370
]
Alejandro Abdelnur commented on HADOOP-10720:
---------------------------------------------
in the case the queue is empty on the server side, instead returning just one i
would return 100 because of the following reasons:
• cipher init takes about 10microsec, regardless of jave or openssl (in my
laptop with an i7 2.3Ghz)
• rest call can be assumed to be around 2millsecs
• most likely file creation cones in bursts.
generating 100 edek would take millisec, adding to the 2millisec of the rest
call. seems a good tradeoff to be able to handle an initial burst efficiently
until the queues ate warm.
also, we could have an additional method in the CE to warm up ez edek queues.
the NN could call this at startup time by looping through the list of ezs. and
when a new ez is created.
> KMS: Implement generateEncryptedKey and decryptEncryptedKey in the REST API
> ---------------------------------------------------------------------------
>
> Key: HADOOP-10720
> URL: https://issues.apache.org/jira/browse/HADOOP-10720
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 3.0.0
> Reporter: Alejandro Abdelnur
> Assignee: Arun Suresh
> Attachments: COMBO.patch, COMBO.patch, COMBO.patch, COMBO.patch,
> COMBO.patch, HADOOP-10720.1.patch, HADOOP-10720.2.patch,
> HADOOP-10720.3.patch, HADOOP-10720.4.patch, HADOOP-10720.5.patch,
> HADOOP-10720.patch, HADOOP-10720.patch, HADOOP-10720.patch,
> HADOOP-10720.patch, HADOOP-10720.patch
>
>
> KMS client/server should implement support for generating encrypted keys and
> decrypting them via the REST API being introduced by HADOOP-10719.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
