Support Questions

Find answers, ask questions, and share your expertise

Who agreed with this topic

Could not find uri with key dfs.encryption.key.provider.uri to create a keyProvider in HDFS

avatar
Explorer

CDH Version: CDH5.4.5

Issue: When HDFS Encryption is enabled using KMS available in Hadoop CDH 5.4 , getting error while putting file into encryption zone.

Steps:

Steps for Encryption of Hadoop as follows:

    Creating a key [SUCCESS]

    [tester@master ~]$ hadoop key create 'TDEHDP'
    -provider kms://https@10.1.118.1/key_generator/kms -size 128
    tde group has been successfully created with options
    Options{cipher='AES/CTR/NoPadding', bitLength=128, description='null', attributes=null}.
    KMSClientProvider[https://10.1.118.1/key_generator/kms/v1/] has been updated.

2.Creating a directory [SUCCESS]

[tester@master ~]$ hdfs dfs -mkdir /user/tester/vs_key_testdir

    Adding Encryption Zone [SUCCESS]

    [tester@master ~]$ hdfs crypto -createZone -keyName 'TDEHDP'
    -path /user/tester/vs_key_testdir
    Added encryption zone /user/tester/vs_key_testdir

    Copying File to encryption Zone [ERROR]

    [tdetester@master ~]$ hdfs dfs -copyFromLocal test.txt /user/tester/vs_key_testdir

    15/09/04 06:06:33 ERROR hdfs.KeyProviderCache: Could not find uri with key [dfs.encryption.key.provider.uri] to create a keyProvider !! copyFromLocal: No KeyProvider is configured, cannot access an encrypted file 15/09/04 06:06:33 ERROR hdfs.DFSClient: Failed to close inode 20823 org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.hdfs.server.namenode.LeaseExpiredException): No lease on /user/tester/vs_key_testdir/test.txt.COPYING (inode 20823): File does not exist. Holder DFSClient_NONMAPREDUCE_1061684229_1 does not have any open files.

Any idea/suggestion will be helpful.

Who agreed with this topic