CDH版本:CDH5.4.5
问题:在使用Hadoop CDH 5.4中提供的KMS启用HDFS加密时,将文件放入加密区域时出现错误。
步骤:
Hadoop加密步骤如下:
Creating a key [SUCCESS]
[tester@master ~]$ hadoop key create 'TDEHDP' -provider kms://https@10.1.118.1/key_generator/kms -size 128 tde group has been successfully created with options Options{cipher='AES/CTR/NoPadding', bitLength=128, description='null', attributes=null}. KMSClientProvider[https://10.1.118.1/key_generator/kms/v1/] has been updated.
2.创建目录 [成功]
[tester@master ~]$ hdfs dfs -mkdir /user/tester/vs_key_testdir
Adding Encryption Zone [SUCCESS]
[tester@master ~]$ hdfs crypto -createZone -keyName 'TDEHDP' -path /user/tester/vs_key_testdir Added encryption zone /user/tester/vs_key_testdirCopying File to encryption Zone [ERROR]
[tdetester@master ~]$ hdfs dfs -copyFromLocal test.txt /user/tester/vs_key_testdir
15/09/04 06:06:33 错误 hdfs.KeyProviderCache:无法找到具有关键字[dfs.encryption.key.provider.uri]的URI以创建keyProvider!copyFromLocal:未配置KeyProvider,无法访问加密文件15/09/04 06:06 :33错误hdfs.DFSClient:无法关闭inode 20823 org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.hdfs.server.namenode.LeaseExpiredException):/user/tester/vs_key_testdir/test.txt。没有租约COPYING(inode 20823):文件不存在。Holder DFSClient_NONMAPREDUCE_1061684229_1没有打开任何文件。
有任何想法/建议都会有所帮助。