Wei-Chiu Chuang created HBASE-20898:
---------------------------------------
Summary: Improve support for HDFS at-rest encryption
Key: HBASE-20898
URL: https://issues.apache.org/jira/browse/HBASE-20898
Project: HBase
Issue Type: Umbrella
Components: encryption
Affects Versions: 2.0.0
Environment: HBase 2 on Hadoop 2.6.0+ (HDFS at-rest encryption)
Reporter: Wei-Chiu Chuang
Assignee: Wei-Chiu Chuang
* Note * this has nothing to do with HBase's Transparent Encryption of Data At
Rest.
HDFS's at rest encryption is "transparent" in that encrypt/decrypt itself
doesn't require client side change. However, in practice, there re a few cases
that need to be taken care of. For example, accessing KMS requires KMS
delegation tokens. If HBase tools get only HDFS delegation tokens, it would
fail to access files in HDFS encryption zone. Cases such as HBASE-20403
suggests in some cases HBase behaves differently in HDFS-encrypted cluster.
I propose an umbrella jira to revisit the HDFS at-rest encryption support in
various HBase subcomponents and tools, add additional tests and enhance the
tools as we visit them.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
