You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Yi Liu (JIRA)" <ji...@apache.org> on 2014/06/15 14:58:01 UTC
[jira] [Updated] (HADOOP-10604) CryptoFileSystem decorator using
xAttrs and KeyProvider
[ https://issues.apache.org/jira/browse/HADOOP-10604?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Yi Liu updated HADOOP-10604:
----------------------------
Attachment: HADOOP-10604.patch
{{CryptoFileSystem}} is used to decorate an existing filesystem and providers encryption. To use the crypto filesystem, user needs:
* configure a key provider.
* configuration encryption zones. (comma list, and each zone is “encryptionpath\{keyid\}”)
* use {{cfs://scheme@host:port/encryption-dir/file}} or {{cfs:///encryption-dir/file}} to read and write encryption file; this uri can be used as MapReduce input or output, and in other upper layer applications.
For HDFS transparent encryption, please use the approach in HDFS-6134 (even though {{CryptoFileSystem}} can be used to decorate HDFS and provider encryption), it supplies better support. {{CryptoFileSystem}} targets other filesystems.
> CryptoFileSystem decorator using xAttrs and KeyProvider
> -------------------------------------------------------
>
> Key: HADOOP-10604
> URL: https://issues.apache.org/jira/browse/HADOOP-10604
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs
> Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
> Reporter: Alejandro Abdelnur
> Assignee: Yi Liu
> Fix For: fs-encryption (HADOOP-10150 and HDFS-6134)
>
> Attachments: HADOOP-10604.patch
>
>
> A FileSystem implementation that wraps an existing filesystem and provides encryption. It will require the underlying filesystem to support xAttrs. It will use the KeyProvider API to retrieve encryption keys.
> This is mostly the work in the patch HADOOP-10150 minus the crypto streams
--
This message was sent by Atlassian JIRA
(v6.2#6252)