flink-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FLINK-3931) Implement Transport Encryption (SSL/TLS)
Date Thu, 06 Oct 2016 16:53:21 GMT

    [ https://issues.apache.org/jira/browse/FLINK-3931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15552470#comment-15552470

ASF GitHub Bot commented on FLINK-3931:

Github user mxm commented on a diff in the pull request:

    --- Diff: docs/setup/config.md ---
    @@ -222,6 +238,7 @@ The following parameters configure Flink's JobManager and TaskManagers.
     - `jobmanager.web.backpressure.refresh-interval`: Time after which available stats are
deprecated and need to be refreshed (DEFAULT: `60000`, 1 min).
     - `jobmanager.web.backpressure.num-samples`: Number of stack trace samples to take to
determine back pressure (DEFAULT: `100`).
     - `jobmanager.web.backpressure.delay-between-samples`: Delay between stack trace samples
to determine back pressure (DEFAULT: `50`, 50 ms).
    +- `jobmanager.web.ssl.enabled`: Enable https access to the web frontend. This is applicable
only when the global ssl flag security.ssl.enabled is set to true (DEFAULT: `true`).
    --- End diff --
    Do we really need a switch for this? If we have `security.ssl.enabled` set to `true`,
then this should always be enabled.

> Implement Transport Encryption (SSL/TLS)
> ----------------------------------------
>                 Key: FLINK-3931
>                 URL: https://issues.apache.org/jira/browse/FLINK-3931
>             Project: Flink
>          Issue Type: New Feature
>            Reporter: Eron Wright 
>            Assignee: Suresh Krishnappa
>              Labels: security
>   Original Estimate: 1,008h
>  Remaining Estimate: 1,008h
> _This issue is part of a series of improvements detailed in the [Secure Data Access|https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit?usp=sharing]
design doc._
> To assure privacy and data integrity between Flink components, enable TLS for all communication
channels.  As described in the design doc:
> - Accept a configured certificate or generate a certificate.
> - Enable Akka SSL
> - Implement Data Transfer SSL
> - Implement Blob Server SSL
> - Implement Web UI HTTPS

This message was sent by Atlassian JIRA

View raw message