[
https://issues.apache.org/jira/browse/MAPREDUCE-4417?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alejandro Abdelnur updated MAPREDUCE-4417:
------------------------------------------
Attachment: MAPREDUCE-4417.patch
@todd, thanks for the detailed review.
I've integrated most of your comments.
* The javadoc style for 'Returns BLAH' and then '@return BLAH' is Sun javadoc
sytle.
* keystore type is case insensitive, 'jks' is the same as 'JKS'. Still I've
lowercased that javadoc.
* the ReloadingX509TrustManager will work with an empty keystore if the
keystore file is not avail at initialization time, and if the keystore file
becomes available later one, it will be loaded. WARNs are logged while the file
is not present, so it won't go unnoticed.
* added a init()/destroy() methods where appropriate to be able to shutdown the
reload thread gracefully.
* If reload() fails to reload the new keystore, it assumes there are not certs
and runs empty until the next reload attempt. Seems a safer assumption that
continuing running with obsolete keys.
* While hadoop.ssl.enabled only applies to shuffle, the intention is to use it
for the rest of the HTTP endpoints. Thus, a single know would enable SSL. That
is why the name of the property and its location (in core-default.xml)
* Regarding having it per job, This would require having shuffler serving both
HTTP and HTTPS and denying the endpoint the job is not configured to use. This
would require the shuffler to have access to that piece of job configuration.
I'd say it is out of scope of this patch, and it could be a future improvement.
* In the TestSSLFactory, the Assert.fail() statements, are sections the test
should not make it; they are used for negative tests.
* Client certs are disabled by default. If they are per job, yes they could be
shipped via DC. This would require a alternate implementation of the
KeyStoresFactory, thus the mechanism is already in place.
> add support for encrypted shuffle
> ---------------------------------
>
> Key: MAPREDUCE-4417
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-4417
> Project: Hadoop Map/Reduce
> Issue Type: New Feature
> Components: mrv2, security
> Affects Versions: 2.0.0-alpha
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Fix For: 2.1.0-alpha
>
> Attachments: MAPREDUCE-4417.patch, MAPREDUCE-4417.patch,
> MAPREDUCE-4417.patch, MAPREDUCE-4417.patch, MAPREDUCE-4417.patch,
> MAPREDUCE-4417.patch, MAPREDUCE-4417.patch, MAPREDUCE-4417.patch,
> MAPREDUCE-4417.patch, MAPREDUCE-4417.patch, MAPREDUCE-4417.patch,
> MAPREDUCE-4417.patch
>
>
> Currently Shuffle fetches go on the clear. While Kerberos provides
> comprehensive authentication for the cluster, it does not provide
> confidentiality.
> When processing sensitive data confidentiality may be desired (at the expense
> of job performance and resources utilization for doing encryption).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
