[jira] [Commented] (HIVE-26464) New credential provider for replicating to the cloud

Thu, 25 Aug 2022 04:59:56 -0700 


    [ 
https://issues.apache.org/jira/browse/HIVE-26464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17584802#comment-17584802
 ] 

Peter Felker commented on HIVE-26464:
-------------------------------------

[~rajesh.balamohan], [~stev...@iseran.com]:
I've shared [Hive Replication Keystore 
Management|https://docs.google.com/document/u/1/d/1ZRveqNCvFn__UFke7pKx3KZ2r6_AH7Z4MBDKuuapJHE/edit]
 documentation with you.

> New credential provider for replicating to the cloud
> ----------------------------------------------------
>
>                 Key: HIVE-26464
>                 URL: https://issues.apache.org/jira/browse/HIVE-26464
>             Project: Hive
>          Issue Type: Task
>          Components: HiveServer2, repl
>            Reporter: Peter Felker
>            Assignee: Peter Felker
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 50m
>  Remaining Estimate: 0h
>
> For a more detailed explanation, see: [Hive Replication Keystore Management 
> |https://docs.google.com/document/d/1ZRveqNCvFn__UFke7pKx3KZ2r6_AH7Z4MBDKuuapJHE/edit]
> In {{ReplDumpTask}}, if the following *new* config is provided in 
> {{HiveConf}}:
> * {{hive.repl.cloud.credential.provider.path}}
> then the HS2 credstore URI scheme, contained by {{HiveConf}} with key 
> {{hadoop.security.credential.provider.path}}, should be updated so that it 
> will start with new scheme: {{hiverepljceks}}. For instance:
> {code}jceks://file/path/to/credstore/creds.localjceks{code}
> will become:
> {code}hiverepljceks://file/path/to/credstore/creds.localjceks{code}
> This new scheme, {{hiverepljceks}}, will make Hadoop to use a *new* 
> credential provider, which will do the following:
> # Load the HS2 keystore file, defined by key 
> {{hadoop.security.credential.provider.path}}
> # Gets a password from the HS2 keystore file, with key: 
> {{hive.repl.cloud.credential.provider.password}}
> # This password will be used to load another keystore file, located on HDFS 
> and specified by the new config mentioned before: 
> {{hive.repl.cloud.credential.provider.path}}. This contains the cloud 
> credentials for the Hive cloud replication.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to