apex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (APEXCORE-711) Support custom SSL keystore for the Stram REST API web service
Date Thu, 27 Apr 2017 21:58:04 GMT

    [ https://issues.apache.org/jira/browse/APEXCORE-711?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15987779#comment-15987779
] 

ASF GitHub Bot commented on APEXCORE-711:
-----------------------------------------

GitHub user sanjaypujare opened a pull request:

    https://github.com/apache/apex-core/pull/520

    APEXCORE-711 create a new attribute CUSTOM_SSL_SERVER_CONFIG and use its value to set
custom ssl server config

    @PramodSSImmaneni  pls review and merge as appropriate

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/sanjaypujare/apex-core APEXCORE-711.sanjay.master

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/apex-core/pull/520.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #520
    
----
commit 660005fc77ebd6f7b6e0c23d6e82f9a08a9527d4
Author: Sanjay Pujare <sanjaypujare@sanjay-dt-mac2.local>
Date:   2017-04-27T21:56:17Z

    APEXCORE-711 create a new attribute CUSTOM_SSL_SERVER_CONFIG and use its value to set
custom ssl server config

----


> Support custom SSL keystore for the Stram REST API web service
> --------------------------------------------------------------
>
>                 Key: APEXCORE-711
>                 URL: https://issues.apache.org/jira/browse/APEXCORE-711
>             Project: Apache Apex Core
>          Issue Type: Improvement
>            Reporter: Sanjay M Pujare
>            Assignee: Sanjay M Pujare
>   Original Estimate: 72h
>  Remaining Estimate: 72h
>
> Currently StrAM supports only the default Hadoop SSL configuration for the web-service
because it uses org.apache.hadoop.yarn.webapp.WebApps helper class which has the limitation
of only using the default Hadoop SSL config that is read from Hadoop's ssl-server.xml resource
file. Some users have run into a situation where Hadoops' SSL keystore is not available on
most cluster nodes or the Stram process doesn't have read access to the keystore even when
present. So there is a need for the Stram to use a custom SSL keystore and configuration that
does not suffer from these limitations.
> There is already a PR https://github.com/apache/hadoop/pull/213 to Hadoop to support
this in Hadoop and it is in the process of getting merged soon.
> After that Stram needs to be enhanced (this JIRA) to accept the location of a custom
ssl-server.xml file (supplied by the client via a DAG attribute) and use the values from that
file to set up the config object to be passed to WebApps which will end up using the custom
SSL configuration. This approach has already been verified in a prototype.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message