Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-26239

Add configurable auth secret source in k8s backend

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 3.0.0
    • 3.0.0
    • Kubernetes, Spark Core
    • None

    Description

      This is a follow up to SPARK-26194, which aims to add auto-generated secrets similar to the YARN backend.

      There's a desire to support different ways to generate and propagate these auth secrets (e.g. using things like Vault). Need to investigate:

      • exposing configuration to support that
      • changing SecurityManager so that it can delegate some of the secret-handling logic to custom implementations
      • figuring out whether this can also be used in client-mode, where the driver is not created by the k8s backend in Spark.

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. SPARK-26194 Support automatic spark.authenticate secret in Kubernetes backend

          • Major - Major loss of function.
          • Resolved
          links to

          Pull request #23252 [Github] Pull Request #23252 (mccheah)

          Web Link GitHub Pull Request #23252

          Activity

            People

              mcheah Matt Cheah
              vanzin Marcelo Masiero Vanzin
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: