[ 
https://issues.apache.org/jira/browse/HIVE-24521?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17247502#comment-17247502
 ] 

Xiaoyu Yao commented on HIVE-24521:
-----------------------------------

I understood the goal of HIVE-23212 is to improve performance by avoiding a RPC 
call to NN to check encryption is enabled or not. However, given the changes 
from HDFS-14104 and HDFS-12396, the preferred and reliable way to check if file 
system support encryption is to check the NN. 

> Hive should use DFSClient#isHDFSEncryptionEnabled
> -------------------------------------------------
>
>                 Key: HIVE-24521
>                 URL: https://issues.apache.org/jira/browse/HIVE-24521
>             Project: Hive
>          Issue Type: Bug
>    Affects Versions: 3.1.2
>            Reporter: Xiaoyu Yao
>            Assignee: Xiaoyu Yao
>            Priority: Major
>
> HIVE-23212 and HIVE-23261 adding check for hdfs encryption to determine if 
> copy is needed. However, the API used DFSUtilClient.isHDFSEncryptionEnabled 
> is solely based on local hadoop.security.key.provider.path configuration. 
> This has been evolved into a HDFS internal configuration that may not exist 
> in client side. The right API to be called here should be   
> DFSClient.isHDFSEncryptionEnabled which will get the keyprovider info from NN 
> directly after HDFS-11687 and HDFS-12396. This ticket is opened to fix it. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to