[
https://issues.apache.org/jira/browse/MAPREDUCE-5890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14036684#comment-14036684
]
Alejandro Abdelnur commented on MAPREDUCE-5890:
-----------------------------------------------
Suresh, any special reason why the test is not included in the main patch?
I’m not quite happy with the IF blocks scattered around:
{code}
if (CryptoUtils.isShuffleEncrypted(conf)) {
byte[] iv = CryptoUtils.createIVFile(conf, fs, file);
out = CryptoUtils.wrap(conf, iv, out);
}
{code}
Given that current abstraction does not provide a clean cut to hide this within
the {{IFile}} without a significant refactoring throughout the code, I think is
the least evil.
Nice job.
Could you try running test-patch locally on the fs-encryption branch with this
patch?
> Support for encrypting Intermediate data and spills in local filesystem
> -----------------------------------------------------------------------
>
> Key: MAPREDUCE-5890
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-5890
> Project: Hadoop Map/Reduce
> Issue Type: New Feature
> Components: security
> Affects Versions: 2.4.0
> Reporter: Alejandro Abdelnur
> Assignee: Arun Suresh
> Labels: encryption
> Attachments: MAPREDUCE-5890.2.patch, MAPREDUCE-5890.test.patch
>
>
> For some sensitive data, encryption while in flight (network) is not
> sufficient, it is required that while at rest it should be encrypted.
> HADOOP-10150 & HDFS-6134 bring encryption at rest for data in filesystem
> using Hadoop FileSystem API. MapReduce intermediate data and spills should
> also be encrypted while at rest.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
