Uploaded image for project: 'Samza'
  1. Samza
  2. SAMZA-19

Secure YARN AM

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 0.6.0
    • None
    • yarn

    Description

      Samza's YARN AM starts a Jetty servlet container that runs a Scalatra/SCAML dashboard server for the Sama job, and a HTTP-RESTish RPC server on two different ports.

      We should secure the AM dashboard using Hadoop's security mechanism (a SPNEGO servlet filter, I believe).

      Need to investigate what to do regarding the RPC server.

      jakobhoman Any feedback on the best approach here? Does SPNEGO filter seem sane? What's the pattern for RPC?

      I'm assuming MapReduce is using the same RPC as YARN, and get security at the RPC level for free.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. SAMZA-840 The Yarn RM proxy fails to work with the AM UI when TLS is enabled

          • Major - Major loss of function.
          • Open

          Activity

            People

              Unassigned Unassigned
              criccomini Chris Riccomini
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: