[
https://issues.apache.org/jira/browse/SAMZA-19?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13743095#comment-13743095
]
Chris Riccomini commented on SAMZA-19:
--------------------------------------
What do you think about dropping the HTTP REST service, and switching the RPC
system to a Hadoop RPC-based implementation (HTTP+Protobuf) later? This would
give us all the security goodness that comes with it, right?
If we go this route, I propose just eliminating the RPC service for now, and
opening a second ticket for the Hadoop RPC service.
> Secure YARN AM
> --------------
>
> Key: SAMZA-19
> URL: https://issues.apache.org/jira/browse/SAMZA-19
> Project: Samza
> Issue Type: Bug
> Reporter: Chris Riccomini
> Assignee: Jakob Homan
>
> Samza's YARN AM starts a Jetty servlet container that runs a Scalatra/SCAML
> dashboard server for the Sama job, and a HTTP-RESTish RPC server on two
> different ports.
> We should secure the AM dashboard using Hadoop's security mechanism (a SPNEGO
> servlet filter, I believe).
> Need to investigate what to do regarding the RPC server.
> [~jakobhoman] Any feedback on the best approach here? Does SPNEGO filter seem
> sane? What's the pattern for RPC?
> I'm assuming MapReduce is using the same RPC as YARN, and get security at the
> RPC level for free.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
