hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sanjay M Pujare (JIRA)" <j...@apache.org>
Subject [jira] [Issue Comment Deleted] (YARN-6457) Allow custom SSL configuration to be supplied in WebApps
Date Mon, 01 May 2017 17:38:04 GMT

     [ https://issues.apache.org/jira/browse/YARN-6457?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Sanjay M Pujare updated YARN-6457:
    Comment: was deleted

(was: [~haibochen] I understand the issue you have raised but I see couple of problems with
your suggestion:

- in the current code in WebAppUtils.java in the function loadSslConfiguration(HttpServer2.Builder,
Configuration) it doesn't get the value of hadoop.ssl.server.conf key but the default value
YarnConfiguration.YARN_SSL_SERVER_RESOURCE_DEFAULT (i.e. ssl-server.xml) is hardcoded in the
loadResource call. Unless you are proposing fixing this, your suggestion won't work

- the Hadoop app (in our case) reads the same set of config files as the other Hadoop components
so it is going read the yarn-site.xml file and use the same value of hadoop.ssl.server.conf
but of course the app can get the value from somewhere else and override it in the Confguration
object before passing it to WebApps builder. But in that case doesn't it defeat the purpose
of marking it final in yarn-site.xml?

Also we have coded and tested our fix against the change in the PR so we would like to go
ahead with this fix (assuming it passes all the reviews))

> Allow custom SSL configuration to be supplied in WebApps
> --------------------------------------------------------
>                 Key: YARN-6457
>                 URL: https://issues.apache.org/jira/browse/YARN-6457
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: webapp, yarn
>            Reporter: Sanjay M Pujare
>            Assignee: Sanjay M Pujare
>   Original Estimate: 96h
>  Remaining Estimate: 96h
> Currently a custom SSL store cannot be passed on to WebApps which forces the embedded
web-server to use the default keystore set up in ssl-server.xml for the whole Hadoop cluster.
There are cases where the Hadoop app needs to use its own/custom keystore.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org

View raw message