+1 (binding) This is a very important feature. I have gone through the design in detail. I have also discussed the details of design and needed as follow up with the team (I will post the details in the jira). The follow up items should not hold up merging this feature to trunk and can be done in trunk.
Great job everyone who contributed to this feature! On Fri, Aug 8, 2014 at 11:45 AM, Andrew Wang <andrew.w...@cloudera.com> wrote: > Hi all, > > I'd like to call a vote to merge the fs-encryption branch to trunk. > Development of this feature has been ongoing since March on HDFS-6134 and > HADOOP-10150, totally approximately 50 commits. > > The fs-encryption branch introduces support for transparent, end-to-end > encryption within an "encryption zone". Each file stored within an > encryption zone is automatically encrypted and decrypted with a unique key. > These per-file keys are encrypted with an encryption key only accessible by > the client, ensuring that only the client is able to decrypt sensitive > data. Furthermore, there is support for native, hardware-accelerated AES > encryption. For further details, please see the design doc on HDFS-6134. > > In terms of merge readiness, we've posted some successful consolidated > patches to the JIRA for Jenkins runs. distcp and fs -cp support has also > recently been completed, allowing users to securely copy encrypted files > without first decrypting them. There is ongoing work to add support for > WebHDFS, HttpFS, and other alternative access methods. Stephen Chu has also > posted a test plan, and has already identified a few issues that have been > fixed. > > Design and development of this feature was also a cross-company effort with > many different contributors. > > I'd like to thank Charles Lamb, Yi Liu, Uma Maheswara Rao G, Colin McCabe, > and Juan Yu for their code contributions and reviews. Alejandro Abdelnur > was also instrumental, doing a lot of the design work and as well as > writing most of the Hadoop Key Mangement Server (KMS). Finally, I'd like to > thank everyone who gave feedback on the JIRAs. This includes Owen, Sanjay, > Larry, Mike Y, ATM, Todd, Nicholas, and Andy, among others. > > With that, here's my +1 to merge this to trunk. > > Thanks, > Andrew > -- http://hortonworks.com/download/ -- CONFIDENTIALITY NOTICE NOTICE: This message is intended for the use of the individual or entity to which it is addressed and may contain information that is confidential, privileged and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any printing, copying, dissemination, distribution, disclosure or forwarding of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and delete it from your system. Thank You.
