[
https://issues.apache.org/jira/browse/HADOOP-8581?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13782165#comment-13782165
]
Vinod Kumar Vavilapalli commented on HADOOP-8581:
-------------------------------------------------
We started building on this in YARN, but we can change. We need to decide on
few things.
Today, there is
- a common hadoop.ssl.enabled flag as added in the patch
- a hdfs specific dfs.https.enabled flag.
- We haven't added a new config in YARN assuming that we can just use the
common flag.
We could deprecate the dfs flag in favor of the common flag, but that's a
decision to be made.
Irrespective of the above decision, I think that if a https specific port is
configured, then NN/DN should set the same setting for HttpServer. Today, what
is happening is that NN/DN explicitly call addSslListener() and start https on
user configured port. HttpServer doesn't know this, depends on
hadoop.ssl.enabled flag and starts https on the regular http port also.
One more choice to make is what to do with regular http if user configures a
https port. I think it makes sense to redirect traffic from http to https so
that the user clearly knows he is talking https AND on a different port.
> add support for HTTPS to the web UIs
> ------------------------------------
>
> Key: HADOOP-8581
> URL: https://issues.apache.org/jira/browse/HADOOP-8581
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Affects Versions: 2.0.0-alpha
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Fix For: 2.0.2-alpha
>
> Attachments: HADOOP-8581.patch, HADOOP-8581.patch, HADOOP-8581.patch,
> HADOOP-8581.patch, HADOOP-8581.patch, HADOOP-8581.patch, HADOOP-8581.patch
>
>
> HDFS/MR web UIs don't work over HTTPS, there are places where 'http://' is
> hardcoded.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
