[ https://issues.apache.org/jira/browse/HADOOP-11862?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
dengxiumao updated HADOOP-11862: -------------------------------- External issue ID: HADOOP-11620 (was: 11620) > Add support key share across KMS instances for KMS HA > ----------------------------------------------------- > > Key: HADOOP-11862 > URL: https://issues.apache.org/jira/browse/HADOOP-11862 > Project: Hadoop Common > Issue Type: Improvement > Components: kms > Affects Versions: 2.6.0 > Reporter: dengxiumao > Labels: kms, transparentenc > > The patch [HADOOP-11620|https://issues.apache.org/jira/browse/HADOOP-11620] > only supports specification of multiple hostnames in the kms key provider > uri. it means that it support config as: > {quote} > <property> > <name>hadoop.security.key.provider.path</name> > <value>kms://http@[HOSTNAME1];[HOSTNAME2]:16000/kms</value> > </property> > {quote} > but HA is still not available, keys can not share across KMS instances, if > one of KMS instances goes down, Encrypted files, which encrypted by the keys > in the KMS, can not be read. -- This message was sent by Atlassian JIRA (v6.3.4#6332)