Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Why kms-acls.xml file is not deploying to hosts?

avatar
New Contributor

After completely configuring HDFS Transparent Encryption and created HDFS Encrypted Zone, i want to configure access to created Encrypted Zone for specific user. So, in CM UI i configured Key Trustee KMS property calling Key Management Server Proxy Advanced Configuration Snippet (Safety Valve) for kms-acls.xml.

 

But, on hosts (host with Key Management Server Proxy role for example ) file /etc/hadoop-kms/conf/kms-acls.xml is not updating after add/change properties in CM UI and refresh cluster. I had tried reboot whole cluster, but it was not help. So, what i do wrong?

2 REPLIES 2

avatar
New Contributor

Probably it was necessary to ask a question to find the answer. kms-acls.xml deploying only to hosts with Key Management Server Proxy role. It's ok. Also, it is stored in another directory:

/opt/cloudera/parcels/CDH-6.2.0-1...../etc/hadoop-kms/conf.dist/kms-acls.xml

avatar
New Contributor

I am sorry, it is not the solution. It is just symlink, so problem is actual.


Screenshot 2020-11-17 at 13.51.09.png