big-data/hadoop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HDFS-6388. HDFS integration with KeyProvider. (clamb)

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/fs-encryption@1598783 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Charles Lamb 2014-05-30 23:53:45 +00:00
parent f7921030cd
commit 4054a40891
2 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hadoop-common-project/hadoop-common/CHANGES-fs-encryption.txt
View File

@ -6,6 +6,8 @@ fs-encryption (Unreleased)
NEW FEATURES NEW FEATURES
HDFS-6388. HDFS integration with KeyProvider. (clamb)
IMPROVEMENTS IMPROVEMENTS
HADOOP-10603. Crypto input and output streams implementing Hadoop stream HADOOP-10603. Crypto input and output streams implementing Hadoop stream

36
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/NameNode.java
View File

@ -27,6 +27,8 @@
import org.apache.hadoop.HadoopIllegalArgumentException; import org.apache.hadoop.HadoopIllegalArgumentException;
import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.crypto.key.KeyProvider;
import org.apache.hadoop.crypto.key.KeyProviderFactory;
import org.apache.hadoop.fs.FileSystem; import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Trash; import org.apache.hadoop.fs.Trash;
import org.apache.hadoop.ha.HAServiceProtocol.HAServiceState; import org.apache.hadoop.ha.HAServiceProtocol.HAServiceState;
@ -270,6 +272,9 @@ public long getProtocolVersion(String protocol,
private NameNodeRpcServer rpcServer; private NameNodeRpcServer rpcServer;
/* The KeyProvider, if any. */
private KeyProvider provider = null;
private JvmPauseMonitor pauseMonitor; private JvmPauseMonitor pauseMonitor;
private ObjectName nameNodeStatusBeanName; private ObjectName nameNodeStatusBeanName;
/** /**
@ -581,6 +586,7 @@ protected void initialize(Configuration conf) throws IOException {
startHttpServer(conf); startHttpServer(conf);
} }
loadNamesystem(conf); loadNamesystem(conf);
initializeKeyProvider(conf);
rpcServer = createRpcServer(conf); rpcServer = createRpcServer(conf);
if (clientNamenodeAddress == null) { if (clientNamenodeAddress == null) {
@ -699,6 +705,36 @@ private void stopHttpServer() {
} }
} }
private void initializeKeyProvider(final Configuration conf) {
try {
final List<KeyProvider> providers = KeyProviderFactory.getProviders(conf);
if (providers == null) {
return;
}
if (providers.size() == 0) {
LOG.info("No KeyProviders found.");
return;
}
if (providers.size() > 1) {
final String err =
"Multiple KeyProviders found. Only one is permitted.";
LOG.error(err);
throw new RuntimeException(err);
}
provider = providers.get(0);
if (provider.isTransient()) {
final String err =
"A KeyProvider was found but it is a transient provider.";
LOG.error(err);
throw new RuntimeException(err);
}
} catch (IOException e) {
LOG.error("Exception while initializing KeyProvider", e);
}
}
/** /**
* Start NameNode. * Start NameNode.
* <p> * <p>