Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-26239

Add configurable auth secret source in k8s backend

Log workAgile BoardRank to TopRank to BottomAttach filesAttach ScreenshotBulk Copy AttachmentsBulk Move AttachmentsVotersStop watchingWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete CommentsDelete
    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 3.0.0
    • 3.0.0
    • Kubernetes, Spark Core
    • None

    Description

      This is a follow up to SPARK-26194, which aims to add auto-generated secrets similar to the YARN backend.

      There's a desire to support different ways to generate and propagate these auth secrets (e.g. using things like Vault). Need to investigate:

      • exposing configuration to support that
      • changing SecurityManager so that it can delegate some of the secret-handling logic to custom implementations
      • figuring out whether this can also be used in client-mode, where the driver is not created by the k8s backend in Spark.

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            mcheah Matt Cheah Assign to me
            vanzin Marcelo Masiero Vanzin
            Votes:
            0 Vote for this issue
            Watchers:
            5 Stop watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment