[
https://issues.apache.org/jira/browse/HDDS-12486?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Wei-Chiu Chuang updated HDDS-12486:
-----------------------------------
Description:
Currently creating an Ozone file in encrypted buckets requires requesting a
encrypted key from KMS, which delays file creation and could cause unwanted
failures.
We should do what HDFS NameNode does, which "warm up" encrypted keys by
fetching them in a batch during OM startup: HDFS-9405
It should also deal with exceptions: stop retrying if an encryption key becomes
invalid: HDFS-17540
was:
Currently creating an Ozone file in encrypted buckets requires requesting a
encrypted key from KMS, which delays file creation and could cause unwanted
failures.
We should do what HDFS NameNode does, which "warm up" encrypted keys by
fetching them in a batch during OM startup: HDFS-9405
> Warmup KMS encrypted keys when OM starts
> ----------------------------------------
>
> Key: HDDS-12486
> URL: https://issues.apache.org/jira/browse/HDDS-12486
> Project: Apache Ozone
> Issue Type: Improvement
> Reporter: Wei-Chiu Chuang
> Priority: Major
>
> Currently creating an Ozone file in encrypted buckets requires requesting a
> encrypted key from KMS, which delays file creation and could cause unwanted
> failures.
>
> We should do what HDFS NameNode does, which "warm up" encrypted keys by
> fetching them in a batch during OM startup: HDFS-9405
> It should also deal with exceptions: stop retrying if an encryption key
> becomes invalid: HDFS-17540
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
