[
https://issues.apache.org/jira/browse/AMBARI-25179?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kaitlyn Johnson updated AMBARI-25179:
-------------------------------------
Description:
In HDFS + Ranger KMS when Ranger KMS is installed the core-site setting
"hadoop.security.key.provider.path" is automatically set. OneFS + Ranger KMS
should have the same behavior.
The setting is not OneFS specific and overwriting the setting in the OneFS
Management Pack to the same value as what is set in HDFS + Ranger KMS seems
redundant.
was:
The OneFS mpack should include necessary TDE setting,
hadoop.security.key.provider.path, for HDFS clients. Providing this setting
option in the mpack will provide a better experience as a user wont need to
edit this settings themselves in the client core-site.xml
Update:
In vanilla Hadoop deployment with Ranger KMS Ambari sets the core-site
hadoop.security.key.provider.path property. However, in OneFS + Ranger KMS theĀ
property is not set. This client conf property is not OneFS specific and it
seems likeĀ having the mpack override this is perhaps not the right solution.
> OneFS should have same behavior as HDFS + Ranger KMS for provider path
> ----------------------------------------------------------------------
>
> Key: AMBARI-25179
> URL: https://issues.apache.org/jira/browse/AMBARI-25179
> Project: Ambari
> Issue Type: Bug
> Components: ambari-sever, contrib
> Affects Versions: 2.7.1
> Reporter: Kaitlyn Johnson
> Priority: Major
>
> In HDFS + Ranger KMS when Ranger KMS is installed the core-site setting
> "hadoop.security.key.provider.path" is automatically set. OneFS + Ranger KMS
> should have the same behavior.
> The setting is not OneFS specific and overwriting the setting in the OneFS
> Management Pack to the same value as what is set in HDFS + Ranger KMS seems
> redundant.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
