spark-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "WangTaoTheTonic (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SPARK-2750) Add Https support for Web UI
Date Fri, 01 Aug 2014 09:57:38 GMT

     [ https://issues.apache.org/jira/browse/SPARK-2750?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

WangTaoTheTonic updated SPARK-2750:
-----------------------------------

    Description: 
Now I try to add https support for web ui using Jetty ssl integration.Below is the plan:
1.Web UI include Master UI, Worker UI, HistoryServer UI and Spark Ui. User can switch between
https and http by configure "spark.http.policy" in JVM property for each process, while choose
http by default.
2.Web port of Master and worker would be decided in turn launch arguments, JVM property, System
Env and default.
3.Below is some other configuration items:
spark.ssl.server.keystore.location The file or URL of the SSL Key store
spark.ssl.server.keystore.password  The password for the key store
spark.ssl.server.keystore.keypassword The password (if any) for the specific key within the
key store
spark.ssl.server.keystore.type The type of the key store (default "JKS")
spark.client.https.need-auth True if SSL needs client authentication
spark.ssl.server.truststore.location The file name or URL of the trust store location
spark.ssl.server.truststore.password The password for the trust store
spark.ssl.server.truststore.type The type of the trust store (default "JKS")

Any feedback is welcome!

  was:
Now I try to add https support for web ui using Jetty ssl integration.Below is the plan:
1.Web UI include Master UI, Worker UI, HistoryServer UI and Spark Ui. User can choose to use
http or/and https way to acess them. We add some configuration items here, for example, "SPARK_MASTER_WEBUI_HTTPS_PORT"
in system envs claim the https port for master ui. Different items would be added  to control
access way of dirrenet processes in system envs, JVM Properties and launch args.
2.User choose access way according to their configuration. If http port is assigned, then
we start http service for web ui. If https port is assigned, we start https. If both two are
assigned, we start two. If neither is assigned, we start http service at default port as same
as now.
3.We should add some configuration items to state some args for ssl authentication, like keystore
location and keystore password in 1-way ssl, truststore location in 2-way. User can also choose
to switch between 1-way and 2-way.

Now I nearly have implemented the functions mentioned above. Here are some questions:
We know there are some hyper links between Master and Worker and some from Master to Spark
UI(Driver UI). Now the link is their http addresses. So if we add https to them, what we should
do when users click the links?
Situation:
1.Master http port to Worker which opens https port only.
2.Master https port to Worker which opens http port only.

Any feedback is welcome!


> Add Https support for Web UI
> ----------------------------
>
>                 Key: SPARK-2750
>                 URL: https://issues.apache.org/jira/browse/SPARK-2750
>             Project: Spark
>          Issue Type: New Feature
>          Components: Web UI
>            Reporter: WangTaoTheTonic
>              Labels: https, ssl, webui
>   Original Estimate: 96h
>  Remaining Estimate: 96h
>
> Now I try to add https support for web ui using Jetty ssl integration.Below is the plan:
> 1.Web UI include Master UI, Worker UI, HistoryServer UI and Spark Ui. User can switch
between https and http by configure "spark.http.policy" in JVM property for each process,
while choose http by default.
> 2.Web port of Master and worker would be decided in turn launch arguments, JVM property,
System Env and default.
> 3.Below is some other configuration items:
> spark.ssl.server.keystore.location The file or URL of the SSL Key store
> spark.ssl.server.keystore.password  The password for the key store
> spark.ssl.server.keystore.keypassword The password (if any) for the specific key within
the key store
> spark.ssl.server.keystore.type The type of the key store (default "JKS")
> spark.client.https.need-auth True if SSL needs client authentication
> spark.ssl.server.truststore.location The file name or URL of the trust store location
> spark.ssl.server.truststore.password The password for the trust store
> spark.ssl.server.truststore.type The type of the trust store (default "JKS")
> Any feedback is welcome!



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message