Github user JoshRosen commented on the pull request:
https://github.com/apache/spark/pull/3571#issuecomment-71931041
The SSL changes themselves here look good, so I think the last major thing
to resolve is how we're going to handle tiered configurations. I like
@vanzin's idea of having the global `spark.ssl` setting be overridden by
component-specific configurations, since this will be future-proof in terms of
adding new components (e.g. if we add new network pieces, they'll be covered by
the umbrella SSL configuration).
If we take care of that and the documentation, then I think we should be
able to pull this in.
I think the idea of having per-component overrides is backwards-compatible
with the approach here, so unless you anticipate any API-breakage that would
result from adding that change later, I think it might be fine to stick with
the global "all-or-nothing" SSL configuration then enhance it later with the
per-component overrides.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
