hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pramod Immaneni (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-6457) Allow custom SSL configuration to be supplied in WebApps
Date Mon, 01 May 2017 20:18:04 GMT

    [ https://issues.apache.org/jira/browse/YARN-6457?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15991458#comment-15991458
] 

Pramod Immaneni commented on YARN-6457:
---------------------------------------

If the method relies only on the configuration passed from outside, then the user could sidestep
any final settings for the ssl configuration and pass only the custom ssl setting, since the
user has total control on the construction of the configuration object. Instead, if the method
were to apply the configuration passed in from outside as an addendum on top of the internal
configuration object it is creating today then the setting can take effect. So what I am suggesting
is this

{code}
 public static HttpServer2.Builder loadSslConfiguration(
      HttpServer2.Builder builder, Configuration conf) {
      Configuration sslConf = new Configuration(false);
      boolean needsClientAuth = YarnConfiguration.YARN_SSL_CLIENT_HTTPS_NEED_AUTH_DEFAULT;
      sslConf.addResource(YarnConfiguration.YARN_SSL_SERVER_RESOURCE_DEFAULT);
      sslConf.addResource(conf);
      ....
{code}



> Allow custom SSL configuration to be supplied in WebApps
> --------------------------------------------------------
>
>                 Key: YARN-6457
>                 URL: https://issues.apache.org/jira/browse/YARN-6457
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: webapp, yarn
>            Reporter: Sanjay M Pujare
>            Assignee: Sanjay M Pujare
>   Original Estimate: 96h
>  Remaining Estimate: 96h
>
> Currently a custom SSL store cannot be passed on to WebApps which forces the embedded
web-server to use the default keystore set up in ssl-server.xml for the whole Hadoop cluster.
There are cases where the Hadoop app needs to use its own/custom keystore.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message