You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-issues@hadoop.apache.org by "Simbarashe Dzinamarira (Jira)" <ji...@apache.org> on 2023/05/24 19:04:00 UTC
[jira] [Updated] (HDFS-17025) RBF: Support port based selective encryption from routers.
[ https://issues.apache.org/jira/browse/HDFS-17025?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Simbarashe Dzinamarira updated HDFS-17025:
------------------------------------------
Description:
HDFS-13541 implemented based selective encryption in the Namenode.
{noformat}
This feature allows HDFS to selectively enforce encryption for both RPC (NameNode) and data transfer (DataNode).
With this feature enabled, NameNode can listen on multiple ports, and different ports can have different security
configurations. Depending on which NameNode port clients connect to, the RPC calls and the following data transfer
will enforce security configuration corresponding to this NameNode port. This can help when there is requirement
to enforce different security policies depending on the location where the clients are connecting from.{noformat}
This ability for selective encryption should still be available to clients when they connect to routers instead of directly to the namenode.
This implemented can leverage a lot of the code written for the Namenode selective port based encryption. A lot of the changes are in hadoop-common, eg. HDFS-13566.
was:
HDFS-13541 implemented based selective encryption in the Namenode.
{noformat}
This feature allows HDFS to selectively enforce encryption for both RPC (NameNode) and data transfer (DataNode). With this feature enabled, NameNode can listen on multiple ports, and different ports can have different security configurations. Depending on which NameNode port clients connect to, the RPC calls and the following data transfer will enforce security configuration corresponding to this NameNode port. This can help when there is requirement to enforce different security policies depending on the location where the clients are connecting from.{noformat}
This ability for selective encryption should still be available to clients when they connect to routers instead of directly to the namenode.
This implemented can leverage a lot of the code written for the Namenode selective port based encryption. A lot of the changes are in hadoop-common, eg. HDFS-13566.
> RBF: Support port based selective encryption from routers.
> ----------------------------------------------------------
>
> Key: HDFS-17025
> URL: https://issues.apache.org/jira/browse/HDFS-17025
> Project: Hadoop HDFS
> Issue Type: New Feature
> Components: hdfs, rbf
> Reporter: Simbarashe Dzinamarira
> Priority: Major
>
> HDFS-13541 implemented based selective encryption in the Namenode.
> {noformat}
> This feature allows HDFS to selectively enforce encryption for both RPC (NameNode) and data transfer (DataNode).
> With this feature enabled, NameNode can listen on multiple ports, and different ports can have different security
> configurations. Depending on which NameNode port clients connect to, the RPC calls and the following data transfer
> will enforce security configuration corresponding to this NameNode port. This can help when there is requirement
> to enforce different security policies depending on the location where the clients are connecting from.{noformat}
> This ability for selective encryption should still be available to clients when they connect to routers instead of directly to the namenode.
> This implemented can leverage a lot of the code written for the Namenode selective port based encryption. A lot of the changes are in hadoop-common, eg. HDFS-13566.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org