Github user vanzin commented on the issue:
https://github.com/apache/spark/pull/18978
So, one thing I'm a little confused about is: why are there any changes
necessary to the transport library at all?
The transport library abstracts away the concept of users / secrets so that
the same server can support multiple secrets. This is how the YARN shuffle
service works. The `SecurityManager` is just a naive implementation of a secret
holder that only supports one secret.
In my view, to implement this, you can do it in two different ways:
- have the AM `RpcEnv` also listen for connections, and register both the
appId / app secret, and a "client" user name (which can be hardcoded) with the
Client-to-AM token as the secret.
- create a separate `RpcEnv` for this feature that accepts any user and
maps it to the `Client-to-AM` token.
In neither cases there should be the need to make any modifications to the
transport library. Is there any reason why that would not work?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
