Dear Users,

Please remove me from the thread. I am no longer associated with Hadoop

On Fri, Jun 19, 2015 at 2:37 PM, Sitaraman Vilayannur <
vrsitaramanietfli...@gmail.com> wrote:

> Thanks for the info Arun. I asked this question for a custom application of
> mine wherein i
> need to retrieve the key from MapReduce code. Is there a way that i can
> replicate my keyprovider across
> the data nodes and then access the local key provider from MR code at each
> data node? If so what
> method would be recommended to do this.
> Sitaraman
>
> On Fri, Jun 19, 2015 at 11:56 AM, Arun Suresh <asur...@apache.org> wrote:
>
> > You really do not need to talk to the KMS directly from the MR code.. The
> > MR framework and the DFSClient will automatically decrypt for you when
> the
> > mappers are reading a file (one of the reasons why this is called
> > "transparent" data encryption). Similarly, files that are written to an
> > output directory will be encrypted with the required key (if the output
> > directory is contained within an encryption zone).
> >
> > But ofcourse, there is nothing stopping you from talking to the KMS
> > directly from java code (using the KMSClientProvider). But most KMS
> > deployments would restrict create key operations etc. for non-admin
> users.
> >
> > On Thu, Jun 18, 2015 at 6:56 PM, Sitaraman Vilayannur <
> > vrsitaramanietfli...@gmail.com> wrote:
> >
> > > Hi,
> > >
> > >   Using the key management system  will i be able to store  a set of
> keys
> > > in my keystore and then retrieve those keys later based on their
> aliases
> > > from within the map/reduce phase to do my encyrption/decryption
> > activities
> > > from map reduce?
> > >
> > > Thanks
> > >
> > > Sitaraman
> > >
> >
>

Reply via email to