[jira] [Created] (FLUME-1577) Proposal to modify file channel encryption config

Thu, 13 Sep 2012 12:01:10 -0700 

Will McQueen created FLUME-1577:
-----------------------------------

             Summary: Proposal to modify file channel encryption config
                 Key: FLUME-1577
                 URL: https://issues.apache.org/jira/browse/FLUME-1577
             Project: Flume
          Issue Type: Bug
          Components: Channel
    Affects Versions: v1.3.0
            Reporter: Will McQueen
             Fix For: v1.3.0


Currently our config looks like:

a1.channels.c1.type = FILE
a1.channels.c1.checkpointDir = 
/var/run/flume-ng/.flume/file-channel-c1/checkpoint
a1.channels.c1.dataDirs = /var/run/flume-ng/.flume/file-channel-c1/data
a1.channels.c1.encryption.keyAlias = key-1
a1.channels.c1.encryption.cipherProvider = AESCTRNOPADDING
a1.channels.c1.encryption.keyProvider = p0
a1.channels.c1.encryption.keyProvider.p0.type = JCEKSFILE
a1.channels.c1.encryption.keyProvider.p0.keyStoreFile = 
/etc/flume-ng/conf/flume.keystore
a1.channels.c1.encryption.keyProvider.p0.keyStorePasswordFile = 
/etc/flume-ng/conf/key-1.password
a1.channels.c1.encryption.keyProvider.p0.keys = key-1
a1.channels.c1.encryption.keyProvider.p0.keys.key-1.passwordFile = 
/etc/flume-ng/conf/key-1.password
a1.channels.c1.encryption.keyProvider.p0.keys.key-2.passwordFile = 
/etc/flume-ng/conf/key-2.password

I propose changing 'keyAlias' to 'activeKey'. Also, AFAIK multiple 
keyProvider's can't be specified for a single file channel config so I propose 
removing the need for this line:

a1.channels.c1.encryption.keyProvider = p0
...and thus also removing the additional 'p0' namespace. And I don't think 
there's any need for specifying a 'type' after keyProvider. So that the entire 
file channel config will look like this:

a1.channels.c1.type = FILE
a1.channels.c1.checkpointDir = 
/var/run/flume-ng/.flume/file-channel-c1/checkpoint
a1.channels.c1.dataDirs = /var/run/flume-ng/.flume/file-channel-c1/data
a1.channels.c1.encryption.activeKey = key-1
a1.channels.c1.encryption.cipherProvider = AESCTRNOPADDING
a1.channels.c1.encryption.keyProvider = JCEKSFILE
a1.channels.c1.encryption.keyProvider.keyStoreFile = 
/etc/flume-ng/conf/flume.keystore
a1.channels.c1.encryption.keyProvider.keyStorePasswordFile = 
/etc/flume-ng/conf/key-1.password
a1.channels.c1.encryption.keyProvider.keys = key-1 key-2
a1.channels.c1.encryption.keyProvider.keys.key-1.passwordFile = 
/etc/flume-ng/conf/key-1.password
a1.channels.c1.encryption.keyProvider.keys.key-2.passwordFile = 
/etc/flume-ng/conf/key-2.password

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to