apex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sanjay M Pujare (JIRA)" <j...@apache.org>
Subject [jira] [Created] (APEXCORE-711) Support custom SSL keystore for the Stram REST API web service
Date Sun, 23 Apr 2017 04:23:04 GMT
Sanjay M Pujare created APEXCORE-711:
----------------------------------------

             Summary: Support custom SSL keystore for the Stram REST API web service
                 Key: APEXCORE-711
                 URL: https://issues.apache.org/jira/browse/APEXCORE-711
             Project: Apache Apex Core
          Issue Type: Improvement
            Reporter: Sanjay M Pujare
            Assignee: Sanjay M Pujare


Currently StrAM supports only the default Hadoop SSL configuration for the web-service because
it uses org.apache.hadoop.yarn.webapp.WebApps helper class which has the limitation of only
using the default Hadoop SSL config that is read from Hadoop's ssl-server.xml resource file.
Some users have run into a situation where Hadoops' SSL keystore is not available on most
cluster nodes or the Stram process doesn't have read access to the keystore even when present.
So there is a need for the Stram to use a custom SSL keystore and configuration that does
not suffer from these limitations.

There is already a PR https://github.com/apache/hadoop/pull/213 to Hadoop to support this
in Hadoop and it is in the process of getting merged soon.

After that Stram needs to be enhanced (this JIRA) to accept the location of a custom ssl-server.xml
file (supplied by the client via a DAG attribute) and use the values from that file to set
up the config object to be passed to WebApps which will end up using the custom SSL configuration.
This approach has already been verified in a prototype.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message