[jira] [Commented] (SPARK-6229) Support SASL encryption in network/common module

[Jeffrey Turpin (JIRA)]

    [ 
https://issues.apache.org/jira/browse/SPARK-6229?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14487878#comment-14487878
 ] 

Jeffrey Turpin commented on SPARK-6229:
---------------------------------------

Hey Marcelo,

I have been working on SPARK-6373 and have reviewed you pull request and merged 
into my wip https://github.com/turp1twin/spark/tree/ssl-shuffle. I tried to 
follow the general design pattern that I discussed with Aaron Davidson, by 
having a single EncryptionHandler interface and implementations for both SSL 
and SASL Encryption. One issue I faced is that the timing of adding the 
appropriate encryption handlers differs for SSL and SASL. For SSL, I need to 
add the SslHandler to the Netty pipeline before the connection is made, and for 
SASL, it looks like you add it during the TransportClient/Server Bootstrap 
process which occurs after the initial connection. Anyways, I haven't created a 
pull request yet and am waiting on some more feedback... If you have some time 
perhaps you can give me your thoughts... Some commits of interest...

https://github.com/apache/spark/commit/ab8743f6ac707060cbae63bdf491723709fe32f3
https://github.com/apache/spark/commit/9527aef89b1bbc80a22337552dd54af936aa1094

Cheers,

Jeff


> Support SASL encryption in network/common module
> ------------------------------------------------
>
>                 Key: SPARK-6229
>                 URL: https://issues.apache.org/jira/browse/SPARK-6229
>             Project: Spark
>          Issue Type: Sub-task
>          Components: Spark Core
>            Reporter: Marcelo Vanzin
>
> After SASL support has been added to network/common, supporting encryption 
> should be rather simple. Encryption is supported for DIGEST-MD5 and GSSAPI. 
> Since the latter requires a valid kerberos login to work (and so doesn't 
> really work with executors), encryption would require the use of DIGEST-MD5.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org