[
https://issues.apache.org/jira/browse/HIVE-24521?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17247502#comment-17247502
]
Xiaoyu Yao commented on HIVE-24521:
-----------------------------------
I understood the goal of HIVE-23212 is to improve performance by avoiding a RPC
call to NN to check encryption is enabled or not. However, given the changes
from HDFS-14104 and HDFS-12396, the preferred and reliable way to check if file
system support encryption is to check the NN.
> Hive should use DFSClient#isHDFSEncryptionEnabled
> -------------------------------------------------
>
> Key: HIVE-24521
> URL: https://issues.apache.org/jira/browse/HIVE-24521
> Project: Hive
> Issue Type: Bug
> Affects Versions: 3.1.2
> Reporter: Xiaoyu Yao
> Assignee: Xiaoyu Yao
> Priority: Major
>
> HIVE-23212 and HIVE-23261 adding check for hdfs encryption to determine if
> copy is needed. However, the API used DFSUtilClient.isHDFSEncryptionEnabled
> is solely based on local hadoop.security.key.provider.path configuration.
> This has been evolved into a HDFS internal configuration that may not exist
> in client side. The right API to be called here should be
> DFSClient.isHDFSEncryptionEnabled which will get the keyprovider info from NN
> directly after HDFS-11687 and HDFS-12396. This ticket is opened to fix it.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)