Dear Users, Please remove me from the thread. I am no longer associated with Hadoop
On Fri, Jun 19, 2015 at 2:37 PM, Sitaraman Vilayannur < vrsitaramanietfli...@gmail.com> wrote: > Thanks for the info Arun. I asked this question for a custom application of > mine wherein i > need to retrieve the key from MapReduce code. Is there a way that i can > replicate my keyprovider across > the data nodes and then access the local key provider from MR code at each > data node? If so what > method would be recommended to do this. > Sitaraman > > On Fri, Jun 19, 2015 at 11:56 AM, Arun Suresh <asur...@apache.org> wrote: > > > You really do not need to talk to the KMS directly from the MR code.. The > > MR framework and the DFSClient will automatically decrypt for you when > the > > mappers are reading a file (one of the reasons why this is called > > "transparent" data encryption). Similarly, files that are written to an > > output directory will be encrypted with the required key (if the output > > directory is contained within an encryption zone). > > > > But ofcourse, there is nothing stopping you from talking to the KMS > > directly from java code (using the KMSClientProvider). But most KMS > > deployments would restrict create key operations etc. for non-admin > users. > > > > On Thu, Jun 18, 2015 at 6:56 PM, Sitaraman Vilayannur < > > vrsitaramanietfli...@gmail.com> wrote: > > > > > Hi, > > > > > > Using the key management system will i be able to store a set of > keys > > > in my keystore and then retrieve those keys later based on their > aliases > > > from within the map/reduce phase to do my encyrption/decryption > > activities > > > from map reduce? > > > > > > Thanks > > > > > > Sitaraman > > > > > >
