Xiaoyu Yao commented on HDFS-13180:

bq. Does it require a KMS service in addition to Kerberos?

No, we won't need KMS for HDSL. SCM will act as CA to manage the certificates 
for DNs. This is covered in the security doc section 3.3.2-3.3.4

> Implement security for Hadoop Distributed Storage Layer 
> --------------------------------------------------------
>                 Key: HDFS-13180
>                 URL: https://issues.apache.org/jira/browse/HDFS-13180
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: hdfs, hdfs-client, ozone
>            Reporter: Anu Engineer
>            Assignee: Anu Engineer
>            Priority: Major
>         Attachments: HadoopStorageLayerSecurity.pdf
> In HDFS-7240, we have created a scalable block layer that facilitates 
> separation of namespace and block layer.  Hadoop Distributed Storage Layer 
> (HDSL) allows us to scale HDFS(HDFS-10419) and as well as create ozone 
> (HDFS-13074).
> This JIRA is an umbrella JIRA that tracks the security-related work items for 
> Hadoop Distributed Storage Layer.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

Reply via email to