[
https://issues.apache.org/jira/browse/HDFS-6387?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14013620#comment-14013620
]
Charles Lamb commented on HDFS-6387:
------------------------------------
bq. One question on deleting an EZ: is this an rm -rf? I think it's better not
do this. rm -rf on an encryption root will already necessarily remove the EZ,
and there might be some reason an admin wants to remove an EZ without deleting
the contained data. If this is not a useful workflow, then we might not even
need deleteEZ, since rm already takes care of this.
Since createEZ is an operation that (a) does not create a directory, and (b)
only operates on an empty directory, how about if we make deleteEZ symmetrical
by having it only remove the encryption zone characteristics (i.e. effectively
the keyid xattr) of an empty directory, but not remove that directory from the
file system.
I agree with you on your other comments. I was actually thinking that
-listZones would be for users, and -showZones would be for admins, the former
only displaying paths of EZs and the latter showing paths and key-ids/versions.
But -listZones -v is fine too.
> HDFS CLI admin tool for creating & deleting an encryption zone
> --------------------------------------------------------------
>
> Key: HDFS-6387
> URL: https://issues.apache.org/jira/browse/HDFS-6387
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: namenode, security
> Reporter: Alejandro Abdelnur
> Assignee: Charles Lamb
>
> CLI admin tool to create/delete an encryption zone in HDFS.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
