Github user vanzin commented on the issue:
https://github.com/apache/spark/pull/17530
> That shouldn't preclude standalone clusters from communicating with
secured resources.
Of course it should. You're inserting a service into your cluster that
allows people to steal each others' credentials, basically making security in
all the other services pointless. Explain to me how does that make sense?
If all you want is to allow Spark to access secure HDFS, create a user for
the "Spark Standalone" service and login on every Worker node as that user. All
Spark applications will use that user, and then administrators have control of
how much damage that user can do to other services.
But as is, you're basically breaking security of the whole datacenter by
introducing an insecure service.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
