vanzin commented on a change in pull request #23525: [SPARK-26595][core] Allow
credential renewal based on kerberos ticket cache.
URL: https://github.com/apache/spark/pull/23525#discussion_r249916044
##########
File path: core/src/main/scala/org/apache/spark/internal/config/package.scala
##########
@@ -228,6 +228,16 @@ package object config {
.timeConf(TimeUnit.SECONDS)
.createWithDefaultString("1m")
+ private[spark] val KERBEROS_RENEWAL_CREDENTIALS =
+ ConfigBuilder("spark.kerberos.renewal.credentials")
Review comment:
That would be a change in behavior. e.g in YARN that would increase the
number of delegation tokens an app creates when it's run without token renewal.
Second, if your TGT is not renewable (`kinit -l foo`, instead of `kinit -l
foo -r bar`), you'll get noisy errors in the output.
Also, a config opens the path for other ways of providing tokens (e.g.
renewing based on a delegation token cache, which some k8s guys were interested
in).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
