Samza's YARN AM starts a Jetty servlet container that runs a Scalatra/SCAML dashboard server for the Sama job, and a HTTP-RESTish RPC server on two different ports.
We should secure the AM dashboard using Hadoop's security mechanism (a SPNEGO servlet filter, I believe).
Need to investigate what to do regarding the RPC server.
Jakob Homan Any feedback on the best approach here? Does SPNEGO filter seem sane? What's the pattern for RPC?
I'm assuming MapReduce is using the same RPC as YARN, and get security at the RPC level for free.