[
https://issues.apache.org/jira/browse/HDFS-6987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14137679#comment-14137679
]
Zhe Zhang commented on HDFS-6987:
---------------------------------
When we move these to the EZ root, what happens when the file is snapshotted
without the EZ root?
* _t0_: /ez/dir/ is created and made an EZ, initialized with a {{keyName}} and
a {{cipherSuite}}; /ez/dir/foo also created
* _t1_: /ez/dir snapshotted
* _t2_: Encryption info (e.g., {{cipherSuite}}) updated on /ez/
* _t3_: Client reads snapshot of /ez/dir/foo created at _t1_ . Because /ez/ was
never snapshotted we have to use the current encryption info updated at _t2_,
which seems problematic
Thoughts?
> Move CipherSuite xattr information up to the encryption zone root
> -----------------------------------------------------------------
>
> Key: HDFS-6987
> URL: https://issues.apache.org/jira/browse/HDFS-6987
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: encryption
> Affects Versions: 2.6.0
> Reporter: Andrew Wang
> Assignee: Zhe Zhang
>
> All files within a single EZ need to be encrypted with the same CipherSuite.
> Because of this, I think we can store the CipherSuite once in the EZ rather
> than on each file.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
