Thanks for your effort, Duo. I am in favor of turning AsyncWAL as default in master branch.
Cheers On Thu, May 5, 2016 at 6:03 PM, 张铎 <palomino...@gmail.com> wrote: > Some progress. > > I have filed HBASE-15743 for the transparent encryption support, > and HBASE-15754 for the AES encryption UT. Now both of them are resolved. > Let's resume the discussion here. > > Thanks. > > 2016-05-03 10:09 GMT+08:00 张铎 <palomino...@gmail.com>: > > > Fine, will add the testcase. > > > > And for the RPC, we only implement a new client side DTP here and still > > use the original RPC. > > > > Thanks. > > > > 2016-05-03 3:20 GMT+08:00 Gary Helmling <ghelml...@gmail.com>: > > > >> On Fri, Apr 29, 2016 at 6:24 PM 张铎 <palomino...@gmail.com> wrote: > >> > >> > Yes, it does. There is testcase that enumerates all the possible > >> protection > >> > level(authentication, integrity and privacy) and encryption > >> algorithm(none, > >> > 3des, rc4). > >> > > >> > > >> > > >> > https://github.com/apache/hbase/blob/master/hbase-server/src/test/java/org/apache/hadoop/hbase/io/asyncfs/TestSaslFanOutOneBlockAsyncDFSOutput.java > >> > > >> > I have also tested it in a secure cluster(hbase-2.0.0-SNAPSHOT and > >> > hadoop-2.4.0). > >> > > >> > >> Thanks. Can you add in support for testing with AES > >> (dfs.encrypt.data.transfer.cipher.suites=AES/CTR/NoPadding)? This is > only > >> available in Hadoop 2.6.0+, but I think is far more likely to be used in > >> production than 3des or rc4. > > > > > >> Also, have you been following HADOOP-10768? That is changing Hadoop RPC > >> encryption negotiation to support more performant AES wrapping, similar > to > >> what is now supported in the data transfer pipeline. > >> > > > > >
