Github user vanzin commented on the issue:
https://github.com/apache/spark/pull/17530
I'm sorry but you won't convince me that it's a useful feature to have
Spark be a big security hole when inserted into a kerberos environment.
As I said, if you want to change your approach to have the Master / Worker
daemons manage a kerberos login that is shared among all users, that would be
more acceptable, and also cover your use case as far as I can see. But your
current approach is just not going to happen, at least from my point of view.
If you can find someone else to shepherd your PR, I'll let them figure it out,
but I'm not for adding this particular implementation to Spark.
And people can use YARN if they really care about security. Standalone was
never meant to be secure, nor used in secure environments. (There's also
ongoing work to get Kerberos to work with Mesos, which does have the necessary
security features as far as I know.)
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
