iwasakims commented on issue #615: BIGTOP-3300. Add puppet manifests for hadoop-kms. URL: https://github.com/apache/bigtop/pull/615#issuecomment-598745986 I manually tested that HDFS transparent encryption works on following config.yaml:: ``` docker: memory_limit: "8g" image: "bigtop/puppet:trunk-centos-7" distro: centos components: [hdfs, yarn, kms] enable_local_repo: true smoke_test_components: [hdfs, yarn] ``` test steps:: ``` $ cd provisioner/docker $ ./docker-hadoop.sh -c 3 $ ./docker-hadoop.sh --exec 3 /bin/bash # hdfs dfs -mkdir /user/root/zone1 # hadoop key create key1 key1 has been successfully created with options Options{cipher='AES/CTR/NoPadding', bitLength=128, description='null', attributes=null}. org.apache.hadoop.crypto.key.kms.LoadBalancingKMSClientProvider@1dde4cb2 has been updated. # sudo -u hdfs hdfs crypto -createZone -keyName key1 -path /user/root/zone1 Added encryption zone /user/root/zone1 # hdfs dfs -put /etc/hosts /user/root/zone1/ # hdfs dfs -get /user/root/zone1/hosts /tmp/ ```
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
