[ https://issues.apache.org/jira/browse/SPARK-25024?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16575267#comment-16575267 ]
Thomas Graves commented on SPARK-25024: --------------------------------------- ok, I'm not familiar with mesos hardly at all so I apologize if some of these seem intuitive, from reading the mesos docs its not clear to me on a few points. Note I'm going to go through the yarn docs and try to clarify very similar things there. I see some updates have been made on master vs I was originally looking at the 2.3.1 docs (https://github.com/apache/spark/blob/master/docs/running-on-mesos.md) * for cluster mode does MesosClusterDispatcher support authentication and can zookeeper be secured? * Does it support accessing secure HDFS? Does it require keytabs be shipped? * does Mesos Shuffle Service support authentication? I assume so since I would expect it to use spark RPC, so assume spark confs when you start it need spark.authenticate=true and specify a secret? So its not really multi-tenant, but perhaps mesos handles the multi-tenancy as does each user start their own shuffle service? * spark.mesos.principal and spark.mesos.secret, assume mesos handles multi-tenancy based on registry? * for the spark.mesos.driver.secret* configs, I assume it would vary by setup if these are actually secure. For instance if I specify an env variable or config can other users see it. Also does that secret need to match shuffle service, might depend on question above if only one per cluster or setup per user. Maybe to many variations to talk about? * > Update mesos documentation to be clear about security supported > --------------------------------------------------------------- > > Key: SPARK-25024 > URL: https://issues.apache.org/jira/browse/SPARK-25024 > Project: Spark > Issue Type: Bug > Components: Documentation > Affects Versions: 2.2.2 > Reporter: Thomas Graves > Priority: Major > > I was reading through our mesos deployment docs and security docs and its not > clear at all what type of security and how to set it up for mesos. I think > we should clarify this and have something about exactly what is supported and > what is not. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org