[
https://issues.apache.org/jira/browse/HIVE-26464?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Peter Felker updated HIVE-26464:
--------------------------------
Description:
In {{ReplDumpTask}}, if the following *new* config is provided in {{HiveConf}}:
* {{hive.repl.cloud.credential.provider.path}}
then the HS2 credstore URI scheme, contained by {{HiveConf}} with key
{{hadoop.security.credential.provider.path}}, should be updated so that it will
start with new scheme: {{hiverepljceks}}. For instance:
{code}jceks://file/path/to/credstore/creds.localjceks{code}
will become:
{code}hiverepljceks://file/path/to/credstore/creds.localjceks{code}
This new scheme, {{hiverepljceks}}, will make Hadoop to use a *new* credential
provider, which will do the following:
# Load the HS2 keystore file, defined by key
{{hadoop.security.credential.provider.path}}
# Gets a password from the HS2 keystore file, with key:
{{hive.repl.cloud.credential.provider.password}}
# This password will be used to load another keystore file, located on HDFS and
specified by the new config mentioned before:
{{hive.repl.cloud.credential.provider.path}}. This contains the cloud
credentials for the Hive cloud replication.
was:
In {{ReplDumpTask}}, if the following *new* config is provided in {{HiveConf}}:
* {{hive.repl.cloud.credential.provider.path}}
then the HS2 credstore URI scheme, contained by {{HiveConf}} with key
{{hadoop.security.credential.provider.path}}, should be updated so that it will
start with new scheme: {{hiverepljceks}}. For instance:
{code}jceks://file/path/to/credstore/creds.localjceks{code}
will become:
{code}hiverepljceks://file/path/to/credstore/creds.localjceks{code}
This new scheme, {{hiverepljceks}}, will make Hadoop to use a *new* credential
provider, which will do the following:
# Load the HS2 keystore file
# Gets a password from the HS2 keystore file
# This password will be used to load another keystore file, located on HDFS,
that contains the cloud credentials for the Hive cloud replication
> New credential provider for replicating to the cloud
> ----------------------------------------------------
>
> Key: HIVE-26464
> URL: https://issues.apache.org/jira/browse/HIVE-26464
> Project: Hive
> Issue Type: Task
> Components: HiveServer2, repl
> Reporter: Peter Felker
> Assignee: Peter Felker
> Priority: Major
>
> In {{ReplDumpTask}}, if the following *new* config is provided in
> {{HiveConf}}:
> * {{hive.repl.cloud.credential.provider.path}}
> then the HS2 credstore URI scheme, contained by {{HiveConf}} with key
> {{hadoop.security.credential.provider.path}}, should be updated so that it
> will start with new scheme: {{hiverepljceks}}. For instance:
> {code}jceks://file/path/to/credstore/creds.localjceks{code}
> will become:
> {code}hiverepljceks://file/path/to/credstore/creds.localjceks{code}
> This new scheme, {{hiverepljceks}}, will make Hadoop to use a *new*
> credential provider, which will do the following:
> # Load the HS2 keystore file, defined by key
> {{hadoop.security.credential.provider.path}}
> # Gets a password from the HS2 keystore file, with key:
> {{hive.repl.cloud.credential.provider.password}}
> # This password will be used to load another keystore file, located on HDFS
> and specified by the new config mentioned before:
> {{hive.repl.cloud.credential.provider.path}}. This contains the cloud
> credentials for the Hive cloud replication.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
