[jira] [Commented] (SPARK-25024) Update mesos documentation to be clear about security supported

Thu, 09 Aug 2018 11:42:53 -0700 


    [ 
https://issues.apache.org/jira/browse/SPARK-25024?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16575267#comment-16575267
 ] 

Thomas Graves commented on SPARK-25024:
---------------------------------------

ok, I'm not familiar with mesos hardly at all so I apologize if some of these 
seem intuitive, from reading the mesos docs its not clear to me on a few 
points.  Note I'm going to go through the yarn docs and try to clarify very 
similar things there.

I see some updates have been made on master vs I was originally looking at the 
2.3.1 docs 
(https://github.com/apache/spark/blob/master/docs/running-on-mesos.md)
 * for cluster mode does MesosClusterDispatcher support authentication and can 
zookeeper be secured?
 * Does it support accessing secure HDFS?  Does it require keytabs be shipped?
 * does  Mesos Shuffle Service support authentication?  I assume so since I 
would expect it to use spark RPC, so assume spark confs when you start it need 
spark.authenticate=true and specify a secret?  So its not really multi-tenant, 
but perhaps mesos handles the multi-tenancy as does each user start their own 
shuffle service?
 * spark.mesos.principal and spark.mesos.secret, assume mesos handles 
multi-tenancy based on registry?
 * for the spark.mesos.driver.secret* configs, I assume it would vary by setup 
if these are actually secure.  For instance if I specify an env variable or 
config can other users see it.  Also does that secret need to match shuffle 
service, might depend on question above if only one per cluster or setup per 
user.  Maybe to many variations to talk about?
 *

> Update mesos documentation to be clear about security supported
> ---------------------------------------------------------------
>
>                 Key: SPARK-25024
>                 URL: https://issues.apache.org/jira/browse/SPARK-25024
>             Project: Spark
>          Issue Type: Bug
>          Components: Documentation
>    Affects Versions: 2.2.2
>            Reporter: Thomas Graves
>            Priority: Major
>
> I was reading through our mesos deployment docs and security docs and its not 
> clear at all what type of security and how to set it up for mesos.  I think 
> we should clarify this and have something about exactly what is supported and 
> what is not.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

Reply via email to